Content transmission device and content transmission method

ABSTRACT

A content transmission device for transmitting a digital content to other device connected via a network, including a receiving unit that receives the digital content accompanied with a piece of copy control information indicating a condition of restricting the digital content from being copied, a communication processing unit that transmits and receives the digital content or various data, or control commands to and from the other device, a connection determining unit that determines whether the other device is present on an intra-residential network connected by the content transmission device, and a control unit that controls the receiving unit, the communication processing unit, and the connection determining unit, in which the control unit does not output the digital content received by the receiving unit from the communication processing unit to the other device in a case where the other device is determined not to be installed at an inside of a residence by using the connection determining unit, thereby, a user who owns a device used in a mobile environment of a note type PC or a portable terminal satisfies a request for intending to access to the content in a household from a traveling destination or in a train in the midst of commutation by using the device.

TECHNICAL FIELD

The present invention relates to a content transmission device and a content transmission method preferable for protecting a copyright of transmitted contents in transmitting and receiving contents of image, voices, and the like via a network.

BACKGROUND ART

When contents are transmitted between digital AV apparatus, encryption is executed on a content transmission device side, and information for decryption is shared between the content transmission device side and a content reception device side. Thereby, copy protect preventing creation of copy without restrictions is executed such that the contents are correctly received and not decrypted by a device other than the content reception device which is a transmission destination.

There is a system described in, for example, Patent Literature 1 which is adopted in digital AV apparatus as an example of a method of such copy protect. According to the system described in Patent Literature 1, contents are classified into “Copy free (copiable without restrictions)”, “Copy free with EPN asserted (copiable without restrictions with output protection)”, “Copy one generation (copiable for one generation)”, “No more copies (prohibit recopy)”, and “Copy never (prohibit copy)” to manage the contents. In a picture recording device, only contents of “Copy free”, “Copy free with EPN asserted”, and “Copy one generation” are recorded, contents of “Copy one generation” are treated as “No more copies” after once recorded, and transmission is executed by subjecting the contents to an encryption processing on a transmission side except contents of “Copy free”. Thereby, copying of contents without restrictions is prevented.

Patent Literature 1 and Patent Literature 2 disclose a technology for determining an intra-residential network such that contents configuring a copyright protection object of broadcasting programs recorded in a household are not delivered extra-residentially without restrictions in contents transmission in a wired or wireless network.

CITATION LIST

Patent Literatures

-   Patent Literature 1: Japanese Unexamined Patent Application Publication No. 2005-269288
-   Patent Literature 2: Japanese Unexamined Patent Application Publication No. 2007-36351

SUMMARY OF INVENTION

Technical Problem

For a user who owns apparatus used in a mobile environment such as a notebook PC or a portable terminal, the user has a high demand of intending to access to contents in a household from a travel destination or an inside of a train in the midst of commutation or the like by using the apparatus. On the other hand, according to the background arts described above, a function of confirming that a transmission side and a reception side apparatus are present in the same household when contents of a copyright protection object are transmitted via a wired or a wireless network. Consequently, an access cannot be executed to contents of a copyright protection object from a going out destination.

Solution to Problem

Configurations described in, for example, claims are adopted for resolving the problem. Although the present application includes plural means for resolving the problem, an example thereof is pointed out as follows. There is provided a content transmission device for transmitting digital contents to other device connected via a network, including a reception unit that receives digital contents accompanied with copy control information indicating conditions of restricting copy of the digital contents, a communication processing unit that transmits and receives the digital contents, various data, and control commands to and from the other device, a connection determination unit that determines whether the other device is present on an intra-residential network to which the content transmission device is connected, and a control unit that controls the reception unit, the communication processing unit, and the connection determination unit, in which in a case where it is determined that the other device is not intra-residentially installed by using the connection determination unit, the control unit does not output the digital contents received by the reception unit from the communication processing unit to the other device, which is a feature of the present application.

Advantageous Effects of Invention

A normal user can extra-residentially see and hear intra-residential contents from outside of a residence without exceeding a range of personal use, which improves an availability of the user.

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1 is an explanatory view showing a configuration example of a system.

FIG. 2 is an explanatory view showing a configuration example of a content transmission device.

FIG. 3 is an explanatory view showing a configuration example of a portable terminal (content reception device).

FIG. 4 is an explanatory view showing a configuration example of a device information management unit.

FIG. 5 is an explanatory view showing a configuration example of management information.

FIG. 6 is an explanatory view showing an example of a device authentication processing sequence executed between a content reception device and a content transmission device.

FIG. 7 is an explanatory view showing an example of a device registration processing sequence for extra-residential access executed between a content reception device and a content transmission device.

FIG. 8 is an explanatory view showing a configuration example of an extra-residential access information table.

FIG. 9 is an explanatory view showing an example of a device registration processing sequence for an extra-residential access executed between a content reception device and a content transmission device.

FIG. 10 is an explanatory view showing a screen example of a device registration processing sequence for an extra-residential access.

FIG. 11 is an explanatory view showing an example of a device authentication processing sequence for an extra-residential access executed between a content reception device and a content transmission device.

FIG. 12 is an explanatory view showing a configuration example of a content using descriptor included in contents received by a content transmission device.

FIG. 13 is an explanatory view showing a configuration example of a digital copy control descriptor included in a content received by a content transmission device.

FIG. 14 is an explanatory view showing a configuration example of a digital content output control table which is referred to in a case where contents received by a content transmission device is delivered to an intra-residential content reception device.

FIG. 15 is an explanatory view showing an example of a storage processing flow in a case where contents received by a content transmission device are recorded.

FIG. 16 is an explanatory view showing an example of a content audio-visual processing sequence from inside of a residence executed between a content reception device and a content transmission device.

FIG. 17 is an explanatory view showing an example of a creation processing sequence of content list information created by a content transmission device.

FIG. 18 is an explanatory view showing an example of a content audio-visual processing sequence from outside of a residence executed between a content reception device and a content transmission device.

FIG. 19 shows a configuration example of threshold information 1900 storing various thresholds and set values used by a device authentication processing unit 108.

FIG. 20 is an explanatory view showing a data configuration example in a case where contents are transmitted by using HTTP protocol in a content audio-visual processing from outside of a residence between a content reception device and a content transmission device.

FIG. 21 shows a configuration example of a packet monitoring table 2100 which is used in a case where filtering by TTL is executed for respective port numbers at a communication processing unit of a content transmission device.

FIG. 22 shows an example of a procedure of a packet filtering processing S2200 in a case where filtering by TTL is executed for respective port numbers.

FIG. 23 shows a configuration example of a connection management table 2300 which is used in a case where filtering of a packet for a device authentication processing by TTL is executed for respective TCP connections at a device authentication processing unit of a content transmission device.

FIG. 24 shows an example of a procedure of a packet reception processing S22400 in a case where filtering of a packet for a device authentication processing is executed by using a connection management table.

FIG. 25 is an explanatory view showing a configuration example of a digital content recording control table which is referred to in a case where contents received by a content transmission device are recorded.

FIG. 26 is an explanatory view showing a configuration example of a system.

FIG. 27 is an explanatory view showing a configuration example of a portable terminal (content reception device).

FIG. 28 is an explanatory view showing an example of a device registration processing sequence for an extra-residential access executed among a content reception device, a content transmission device, and a VPN correspondence router.

FIG. 29 is an explanatory view showing an example of a content audio-visual processing sequence from outside of a residence executed between a content reception device and a content transmission device.

DESCRIPTION OF EMBODIMENTS

Embodiments will be explained in reference to the drawings as follows.

First Embodiment

1. System Configuration

FIG. 1 shows a system configuration example according to first embodiment of the present invention. At a user residence 1, a content transmission device 100 and a content reception device 300 are respectively connected to a network hub device 11 by a cable of wired LAN, and the network hub device 11 is connected to a router 12. The router 12 is connected to the internet 3 via a modem, an optical/electrical converter or the like. The content transmission device 100 and the content reception device 300 can receive contents delivered from content provision origins (5 a, 5 b) via an antenna 10 or via the internet 3. As the contents provision origins, there are a broadcasting station delivering contents from ground digital or satellite digital (BS/CS), a cable via the antenna 10, a content delivery provider providing a VOD service or an IP broadcasting service via the internet 3 which are acTVila or Hikaritv.

At a going out destination of a user (for example, hotel, company or the like) 2, a portable terminal 300 of the user can communicate with a wireless access point 22, and connectable to the internet 3 via the router 22. A content reception device 400 installed at the going out destination is connected to the internet 3 via a router 21.

At another user residence 4, a content transmission and reception device 500 and a content transmission and reception device 600 are respectively connected to a network hub device 11 by a cable of wired LAN, and the network hub device 41 is connected to a router 42. The router 42 is connected to the internet 3 via a modem, an optical/electrical converter or the like.

In the network, standard IP (Internet Protocol) is used as a network protocol, and TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) are used for a transport protocol at a higher order. For transmitting contents, an application protocol at a higher order, for example, RTP (Real-time Transport Protocol) or HTTP (Hyper Text Transfer Protocol), FTP (File Transfer Protocol) or the like is used. Incidentally, although there are IPv4 and IPv6 in IP as differences in version, IP is not limited to either one thereof.

The content transmission device 100, as well as the portable terminal 200, the content reception device 300, the content reception device 400, the content transmission and reception device 500, the content transmission and reception device 600, and the routers 12, 22, 42 respectively own IP addresses for identifying themselves on an IP network. Interface units of respective network communication processing circuits are given MAC (Media Access Control) addresses of 48 bits. In setting IP addresses to respective devices, for example, the router 12 or the router 21 is operated as DHCP servers by DHCP (Dynamic Host Configuration Protocol), and the IP addresses of the respective devices may be allocated therefrom.

Incidentally, in a case of using IPv6 (Internet Protocol Version 6), the respective devices can determine the IP addresses of their own from 64 bits at higher orders of the IP addresses of the routers 12, 22, 42 and the MAC addresses by a method referred to as stateless automatic setting.

Here, although the respective devices are connected by wired LAN at inside of the user residence 1 in FIG. 1, LAN using a wireless access point or the like may be used. A mode in which the hub 11 and the router 12 are integrated, or the hub 41 and the router 42 are integrated will do.

FIG. 2 shows a configuration example of the content transmission device 100. The content reception device 300, the content transmission and reception device 400, the content transmission and reception device 500, and the content transmission and reception device 600 include configurations at least similar to a device authentication processing unit 108, an encryption/decryption processing unit 112, a communication processing unit 113, and a control unit 115.

The content transmission device 100 includes a tuner 101, a demultiplexer 103, a decoder 104, a display unit/speaker 105, a digital image/voice input terminal 106, a digital image/voice output terminal 116, an input processing unit 107, the device authentication processing unit 108, a device information management unit 109, a recording/reproducing processing unit 110, a recording unit 111, the encryption/decryption processing unit 112, the communication processing unit 113, a digital input/output terminal 114, the control unit 115, and a time management unit 120. As the content transmission device 100, for example, a mode of HDD including TV, HDD/BD recorder, PC, NAS (Network Attached Storage) or the like is conceivable.

The tuner 101 receives a digital broadcasting service (ground wave broadcasting, satellite broadcasting or the like) delivered by the contents provision origin 5 a via the antenna 10, selects a desired channel from plural channels, and demodulates a program subjected to digital modulation. The plural channel may include a channel received from a coaxial call cable, an optical cable or the like.

The demultiplexer 103 extracts voice data, image data, program information, data, copy control information or the like from a broadcasting program. Incidentally, after the extraction, a descrambler, not illustrated, may descramble the extracted broadcasting program.

The decoder 104 decodes compressed voice data or image data included in a broadcasting program inputted via the tuner 101, contents stored in the recording unit 111, or contents receiving IP content delivery service via the IP network delivered by a contents provision origin 5 b (IPTV service, VOD service, download service, etc.) via the digital input/output terminals 114 to decompress into an original voice signal or an original image signal.

The display unit/speaker 105 reproduces an image/voice signal outputted from the decoder 104, and an image/voice signal inputted from the digital terminal 106. Although according to the present embodiment, an example of including the display unit/speaker 105 in the content transmission device 100 is shown, the display unit/speaker 105 may externally be attached in a mode of not having the display unit/speaker 105.

The digital image/voice input terminal 106 inputs uncompressed digital data from an external apparatus.

The digital image/voice output terminal 116 outputs uncompressed digital data to an external apparatus of the display unit/speaker 105 which is externally attached.

The input processing unit 107 manipulates the content transmission device 100 by using a remote controller, a touch panel, a keyboard, a mouse or the like by a user.

The device authentication processing unit 108 authenticates whether the content transmission device 100 and other AV apparatus are apparatus normally qualified by each other by a particular authentication protocol, and shares a key used for encrypting/decrypting contents in order to transmit contents of a copyright protection object via a wired or wireless network.

The device information management unit 109 manages information concerning an apparatus connected via a network in which the authentication is succeeded in the device authentication processing unit 108 or information necessary for the device authentication processing unit 108 in carrying out device authentication.

The recording/reproducing processing unit 110 executes a recording control for recording contents to the recording unit 111 and a reproducing control for reproducing contents recorded at the recording unit 111. Contents of an object of protecting a copyright is encrypted to decode, and decrypted to reproduce in accordance with a prescribed procedure by using the encryption/decryption processing unit 112. Although according to the present embodiment, an example of including the recording/reproducing processing unit 110 to the content transmission device 100, a mode without having the recording/reproducing processing unit 110 will do.

The recording unit 111 is a memory for recording a broadcasting program. The memory may be included or attachable and detachable HDD or optical disk (DVD or BD), a memory card, or a hybrid mode combining these.

The encryption/decryption processing unit 112 decrypts IP contents received via the digital input/output terminal 114 via a network by using a key shared at the device authentication processing unit 108 in accordance with a prescribed procedure defined and operated by the contents provision origins 5 a and 6 b (for example, DTCP-IP, Marlin, PlayReady, CMLA-OMA V2) or the like.

The encryption/decryption processing unit 112 executes encryption in accordance with a prescribed procedure which is previously determined for respective input paths or record media (for example, CSS in a case of DVD, AACS in a case of VD, original encryption code in a case of HDD) when a broadcasting program inputted via the tuner 1 or the decrypted contents is(are) recorded to the recording unit 111.

Similarly, the encryption/decryption processing unit 112 decrypts contents stored in the recording unit 111 or contents stored to mounted media in accordance with a prescribed procedure which is previously determined for respective input paths or record media.

The encryption/decryption processing unit 112 executes encryption by using a key shared at the device authentication processing unit 108 when a broadcasting program received via the tuner 101 or contents decoded as described above is(are) transmitted via the digital input/output terminal 114 via the network.

The communication processing unit 113 transmits a broadcasting program inputted via the tuner 101, contents stored in the recording unit 111, or a control command created at the device authentication processing unit 108 or the control unit 115 to other device connected by the digital input/output terminal 114 and the network. The communication processing unit 113 receives contents or control commands from other device connected via the digital input/output terminal 114 and the network. Here, although the present embodiment shows an example in which the communication processing unit 113 is a wired network, a wireless communication processing realizing a wireless network may be added.

The demultiplexer 103, the decoder, the input processing unit 107, the device authentication processing unit 108, the device information management unit 109, the recording/reproducing processing unit 110, the encryption/decryption processing unit 112, the communication processing unit 113, and the time management unit 120 can realize functions of the respective units described above by developing various programs stored to the recording unit 111 to a memory, not illustrated, and executing the various programs by the control unit 115.

The respective functions realized as software can also be realized as hardware by creating an integrated circuit as processing units executing respective processings. In the following, in order to simplify the explanation, the explanation will be given such that the respective processings realized by executing the respective functions of the demultiplexer 103, the decoder 104, the input processing unit 107, the device authentication processing unit 108, the device information management unit 109, the recording/reproducing processing unit 110, the encryption/decryption processing unit 112, the communication processing unit 113, and the time management unit 120 by the control unit 115 are independently executed by the respective processing units. Incidentally, in a case of realizing the respective processing units by hardware, the respective processing units independently execute the respective processings.

The digital input/output terminal 114 inputs and outputs contents or control commands to and from other device via the network. As described above, the VOD service or the IP broadcasting service provided by the contents delivery origin 5 b is received via the digital input/output terminal 114.

The control unit 115 integrally controls operations of the tuner 101, the demultiplexer 103, the decoder 104, the display unit/speaker 105, the digital image/voice input terminal 106, the digital image/voice output terminal 116, the input processing unit 107, the device authentication processing unit 108, the device information management unit 109, the recording/reproducing processing unit 110, the recording unit 111, the encryption/decryption processing unit 112, the communication processing unit 113, the digital input/output terminal 114, and the time management unit 120 of the content transmission device 100.

The time management unit 120 manages time by using time information included in a broadcasting signal inputted via the tuner 101 and time information provided by the NTP (Network Time Protocol) server present on the internet 3. NTP is a protocol for synchronizing a timepiece provided to a device to correct time in the device connected to the network.

FIG. 3 shows a configuration example of the portable terminal (content reception device) 200.

The portable terminal 200 is configured by the tuner 101, the demultiplexer 103, the decoder 104, the display unit/speaker 105, the digital image/voice output terminal 116, a camera image taking unit 201, the communication processing unit 113, the input processing unit 107, the device authentication processing unit 108, the device information management unit 109, the recording/reproducing processing unit 110, the recording unit 111, the encryption/decryption processing unit 112, a wireless encryption/decryption processing unit 202, a wireless communication processing unit 203, the control unit 115, and the time management unit 120.

The camera image taking unit 201 is a portion of taking an image by a camera.

The recording unit 111 is a nonvolatile memory storing a dynamic picture/still picture taken by the camera image taking unit 201, a program received via the tuner 101, personal information, information of an address book, and suchlike. A built-in or detachable memory mode is conceivable.

The wireless encryption/decryption processing unit 202 is a portion of encrypting/decrypting contents or control data received via the wireless communication processing unit 203 via a wireless network, or contents or control data outputted from the encryption/decryption processing unit 214 by using an encryption algorithm for a wireless network (for example, WEP (Wired Equivalent Privacy) or WPA2 (Wi-Fi Protected Access), etc.).

The wireless communication processing unit 203 is a portion of transmitting/receiving contents or control commands to/from the wireless access point 23 connected by wireless LAN or other AV apparatus.

The other portions are similar to those of the content transmission device 100.

FIG. 4 shows a configuration example of the device information management unit 109 in the respective apparatus.

The device information management unit 109 includes a timer 1091, a device information updating unit 1902, and a device information storing unit 1093.

The timer 1091 is a portion used for measuring time in a case where it is confirmed whether a device of a counterparty of an authentication is present at inside of a residence by the device authentication processing unit 108 as described later, or in a case of managing an effective period of registration information stored to the device information storing unit 1093 as described later.

The device information updating unit 1092 is a portion of managing the effective period of the registration information held at the device information storing unit 1093 described later, and executing registration/updating/deletion as necessary.

The device information storing unit 1093 is a portion of holding information concerning the device of the counterparty of the authentication in a case where the device authentication is succeeded at the device authentication processing unit 109.

FIG. 5 is a configuration example of device information 5000 stored at the device information storing unit 1093.

The device information 5000 is configured by a definition table 5100, an intra-residential device information table 5200, and an extra-residential device information table 5300.

The definition table 5100 is configured by a device authentication maximum number 5101, extra-residential registration maximum number 5102, an intra-residential counter maximum value 5103, an extra-residential counter maximum value 5104, a simultaneous access maximum number 5105, and an extra-residential simultaneous maximum number 5106.

The device authentication maximum number 5101 indicates a maximum number capable of executing device authentication between a transmission device and a reception device of contents by using the device authentication processing unit 108.

The extra-residential registration maximum number 5102 indicates a maximum number of registerable extra-residential access devices. For example, “20” is set.

The intra-residential counter maximum value 5103 indicates a maximum value of intra-residential counters set to the timer 1091.

The extra-residential counter maximum value 5104 indicates a maximum number of extra-residential counters set to the timer 1091.

The simultaneous access maximum number 5105 indicates a maximum value of accepting content access requests.

The extra-residential simultaneous maximum number 5106 indicates a maximum number of accepting content access requests from outside of a residence. For example, “1” is set.

On the other hand, the intra-residential device information table 5200 is configured by ID 5201, device ID 5202, address information 5203, intra-residential counter value 5204, transmission status 5205, exchange key for MOVE 5206, an intra-residential exchange key 5220, an authentication device number 5221, and a simultaneous access number 5222.

ID 5201 indicates a registration number of the table.

The device ID 5202 indicates an identifier uniquely identifying each device. The device ID 5202 is information inherent to the device created by a particular authentication organization, and previously preserved in a nonvolatile memory in manufacturing each device, or safely recorded to a nonvolatile memory after executing a particular registration processing after purchase and has a unique value for each device. Otherwise, information of a public key or the like may be included.

Address information 5203 indicates IP address (IPv4/IPv6) or MAC address of each device on a network. The IP address may be limited to an address mode assuming an intra-residential use such as private address or local address.

The intra-residential counter value 5204 indicates a current value of the intra-residential counter set to the timer 1091.

The transmission status 5205 indicates a situation of transmitting contents to a content reception device (for example, accessing, stop, etc.).

The exchange key for MOVE 5206 indicates key information or additional information thereof (label, kind of key, etc.) used in encryption/decryption processing when contents are moved (MOVE) to a content reception device. The exchange key for MOVE is shared along with the content reception device in conformity with a prescribed procedure, has a using method different from that of the intra-residential exchange key 5220 described later, and has a value which differs for each content reception device.

The intra-residential exchange key 5220 indicates key information or additional information thereof (label, kind of key, etc.) used in encryption/decryption processing when contents are transmitted between a content transmission device and a content reception device disposed at inside of a residence. Details thereof will be explained in reference to FIG. 6.

The authentication device number 5221 indicates a number of content reception devices finished with device authentication with the own device. In a case where the value reaches the device authentication maximum number 5101, the device authentication processing thereafter is not executed, or the device authentication request from the content reception device is not accepted.

The simultaneous access number 5222 indicates a number of content reception devices which are going to start transferring contents with the own device, or already executing to transfer contents with the own device. In a case where the value reaches the simultaneous access maximum number 5105, contents transfer thereafter is not executed, or a content transmission request from a content reception device is not accepted.

The extra-residential device information table 5300 is configured by ID 5301, device ID 5302, address information 5303, an extra-residential exchange key 5304, a transmission status 5305, an extra-residential counter value 5306, an extra-residential registration number 5321 and an extra-residential simultaneous access number 5322.

ID 5301 indicates a registration number of the table.

The device ID 5302 indicates an identifier for uniquely identifying eachdevice, and information similar to the device ID 5202.

The address information 5303 indicates an IP address (IPv4/IPv6), or MACaddress of a content reception device accessed extra-residentially.

The extra-residential exchange key 5304 indicates key information oradditional information thereof (label, kind of key, etc.) used in theencryption/decryption processing when contents are transmitted between acontent transmission device and an extra-residential content receptiondevice.

The transmission status 5305 indicates a situation of transmitting to the extra-residential content reception device (for example, accessing, stop or the like).

The extra-residential counter value 5306 indicates a current value of the extra-residential counter set to the timer 1091.

The extra-residential registration number 5321 indicates a registration number of a content reception device accepting a remote access from outside of the residence to the own device. An explanation will be given of a procedure of registering the content reception device in reference to FIG. 7 and FIG. 9 described later. In a case where the value reaches the extra-residential registration maximum number 5102, a registration request thereafter is not accepted.

The extra-residential simultaneous access number 5322 indicates a number of extra-residential content reception devices which is going to start transferring contents with the own device, or which is already executing to transfer contents with the own device. In a case where the value reaches the extra-residential simultaneous maximum number 5106, contents transfer thereafter is not executed, or a content transmission request from an extra-residential content reception device is not accepted.

Here, although according to the present embodiment, the intra-residential counter value 5204 and the extra-residential counter value 5306 are respectively provided separately in the intra-residential device information table 5200 and the extra-residential device information table 5300, the intra-residential counter value 5204 of the intra-residential device information table 5200 may be shared.

2. Authentication of Device Present at Inside of Residence

FIG. 6 shows a device authentication processing sequence executed between the content transmission device 100 and the content reception device 300 present at inside of the user residence 1 in the system configuration shown in FIG. 1. Hereinafter, an authentication processing explained in reference to FIG. 6 is referred to as normal authentication.

Here, TCP is used as the protocol for transmitting/receiving information for a device authentication processing. When various kinds of information of an authentication request to a device of a counterparty and an authentication response thereto are transmitted, confirmation of reception thereto is returned from the device of the counterparty, thereby, a communication path capable of detecting a transmission error is ensured. Incidentally, in FIG. 6, transmission/reception of data for establishment and abandonment of a connection by TCP is omitted.

Data transmitted/received between the content transmission device 100 and the content reception device 300 is transmitted as IP packets. In a device authentication processing 5600, the content transmission device 100 and the content reception device 300 monitor TTL (Time To Live) of received packets, and prevent an access from outside of the user residence 1 by abandoning packets set with values of TTL exceeding an intra-residential reception restriction TTL value of a TTL table 1910 indicated in FIG. 19 described later.

For that purpose, the content transmission device 100 and the content reception device 200 set TTL of transmitting packets to be equal to or less than the intra-residential restriction TTL value 1911 of the TTL table 1910.

In the present sequence, first, the content reception device 300 creates an authentication request. The device authentication processing unit 108 of the content reception device 300 attaches information inherent to the device including the device ID, and a deed for the information inherent to the device to the authentication request to transmit the content the reception device 100 via the communication processing unit 113 (S601).

When the device authentication processing unit 108 of the content transmission device 100 receives the authentication request via the communication processing unit 113 and transmits confirmation of reception thereof to the content reception device 300 (S602), the device authentication processing unit 108 of the content reception device 100 creates an authentication request from an own side, and attaches information inherent to the content transmission device 100 and a deed thereof to the authentication request to transmit to the content reception device 300 similar to the case of the content reception device (S603).

The device authentication processing unit 108 of the content reception device 300 receives the authentication request, and transmits confirmation of reception thereof to the content transmission device 100 (S604).

Next, the device authentication processing unit 108 of the content transmission device 100 verifies respective information received in response to the authentication request, and transmits an authentication response attached with parameters necessary for creating the key information to the content reception device 300 (S605).

The device authentication processing unit 108 of the content reception device 300 receives the authentication response and transmits confirmation of reception thereof to the content transmission device 100 (S606), thereafter, transmits an authentication response attached with parameters necessary for creating the key information to the content transmission device similar to the case of the content transmission device (S607), and creates an authentication key common to the content transmission device 100 by using necessary parameters.

The device authentication processing unit 108 of the content transmission device 100 receives the authentication response and transmits confirmation of reception thereof to the content reception device 300 (S608), and creates an authentication key common to the content reception device 300 by using necessary parameters similar to the content reception device.

The device authentication processing unit 108 of the content transmission device 100 and the device authentication processing unit 108 of the content reception device 300 create and share the authentication key common to each other in the procedure up to this point.

Next, the content transmission device 100 confirms whether the content reception device 300 is registered to the device information table 5200 and a value is set to the intra-residential counter value 5204 in order to confirm whether the content reception device 300 is a device present at inside of the residence. In a case where the value is not set to the intra-residential counter value 5204 as a result of the confirmation, the content transmission device 100 transmits a statement of preparing an intra-residential confirmation to the content reception device 300 (S609).

When the device authentication processing unit 108 of the content reception device 300 receives the notification of preparing the intra-residential confirmation, and transmits confirmation of reception thereof to the content transmitting device 100 (S610), the device authentication processing unit 108 creates a notification of preparing an intra-residential confirmation from the own side to transmit to the content transmission device 100 (S611).

When the device authentication processing unit 108 of the content transmission device 100 receives the notification of preparing the intra-residential confirmation and transmits confirmation of reception thereof to the content reception device 300 (S612), the device authentication processing unit 108 transmits a request for setting intra-residential confirmation attached with information necessary for intra-residential confirmation to the content reception device 300 (S613).

The device authentication processing unit 108 of the content reception device 300 receives the request for setting the intra-residential confirmation, and executes a message authentication code creating processing based on data included in the request for setting the intra-residential confirmation as a preparation necessary for the intra-residential confirmation, and transmits confirmation of reception to the content transmission device 100 (S614).

The device authentication processing unit 108 of the content transmission device 100 receiving the confirmation of reception executes a message authentication code creating processing based on data transmitted to the content reception device 300 at S613, starts the timer 1091 in the device information management unit 103, thereafter, transmits a request for executing an intra-residential confirmation including the message authentication code in order to confirm whether the content reception device 300 is present at inside of the residence to the content reception device 300 (S615).

The device authentication processing unit 108 of the content reception device 300 receives the request for executing the intra-residential confirmation, and transmits confirmation of reception including the message authentication code created at S614 to the content transmission device 100 (S616).

When the device authentication processing unit 108 of the content transmission device 100 receives confirmation of reception, the device authentication processing unit 108 stops the timer 1091, and confirms whether a measured value (T1) until receiving the confirmation reception after issuing the request for executing the intra-residential confirmation does not exceed an intra-residential confirmation time out value (T) 1921 of an intra-residential confirmation threshold table 1920. Also, the device authentication processing unit 108 confirms whether the message authentication code included in the received confirmation of reception is correct.

In a case where the measured value (T1) ≦ the intra-residential confirmation time out value (T) 1921 of the intra-residential confirmation threshold table 1920, and the received message authentication code is correct, the device authentication processing unit 108 determines that the content reception device 300 is present at inside of the residence, and is a device present in a range of personal use, and transmits a result of the intra-residential confirmation to the content reception device 300 (S617).

On the other hand, in a case where the measured value (T1) > the intra-residential confirmation time out value (T) 1921 of the intra-residential confirmation threshold table 1920, or in a case where the received message authentication code is not correct, the device authentication processing unit 108 of the content transmission device 100 determines that there is a possibility that the content reception device 300 is present at outside of the residence, or the content reception device 300 is an illegal device, and finishes the device authentication processing by interrupting processings thereafter. The device authentication processing unit 108 of the content reception device 300 receiving a result of the intra-residential confirmation confirms whether the message authentication code received at S615 is correct, and transmits confirmation of reception to the content transmission device 100 in a case where the message authentication code is correct (S618).

S609 to S618 represent the intra-residential confirmation method for the intra-residential access in the normal authentication. Here, in a case where the content reception device 300 is registered to the intra-residential device information table 5200, and a value is set to the intra-residential counter value 5204, the intra-residential confirmation processing is omitted.
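The checks of S609 to S618, together with the TTL filter described for FIG. 6, can be sketched as follows. This is an added example, not code from the patent: HMAC-SHA256, the role labels, the simulated clock and the numeric TTL and time-out values are assumptions, since the page only refers to tables 1910 and 1920.

```python
import hashlib
import hmac
import os

# Constructed values: the page refers to TTL table 1910 and threshold
# table 1920 but gives no numbers in this section.
INTRA_TTL_LIMIT = 3        # intra-residential restriction TTL value 1911
RTT_TIMEOUT_S = 0.007      # intra-residential confirmation time out value (T) 1921


class FakeClock:
    """Deterministic stand-in for timer 1091 so the example runs offline."""

    def __init__(self):
        self.now = 0.0

    def advance(self, seconds):
        self.now += seconds


def make_mac(auth_key, role, challenge):
    # HMAC-SHA256 and the role prefix are assumptions; the page only says
    # "message authentication code" based on the data sent at S613.
    return hmac.new(auth_key, role + challenge, hashlib.sha256).digest()


class Receiver:
    """Content reception device side of S613 to S618."""

    def __init__(self, auth_key):
        self.auth_key = auth_key
        self.reply_mac = b""
        self.expected_tx_mac = b""
        self.seen_tx_mac = b""

    def on_setting_request(self, challenge):
        # S614: both MACs are prepared before the timed exchange starts.
        self.reply_mac = make_mac(self.auth_key, b"rx", challenge)
        self.expected_tx_mac = make_mac(self.auth_key, b"tx", challenge)

    def on_execute_request(self, tx_mac):
        # S616: answer immediately with the MAC created at S614.
        self.seen_tx_mac = tx_mac
        return self.reply_mac

    def on_result(self):
        # S618: verify the transmitter's MAC received at S615.
        return hmac.compare_digest(self.seen_tx_mac, self.expected_tx_mac)


def confirm_intra_residential(tx_key, receiver, one_way_delay_s,
                              packet_ttl, counter_value=None):
    """Transmitter-side decision; returns (accepted, reason)."""
    if counter_value is not None:
        # Device already in table 5200 with counter 5204 set: step omitted.
        return True, "counter already set, confirmation omitted"
    if packet_ttl > INTRA_TTL_LIMIT:
        return False, "packet abandoned: TTL above intra-residential limit"

    clock = FakeClock()
    challenge = os.urandom(16)                     # data attached at S613
    receiver.on_setting_request(challenge)
    tx_mac = make_mac(tx_key, b"tx", challenge)    # created before the timer starts
    expected_reply = make_mac(tx_key, b"rx", challenge)

    start = clock.now                              # start timer 1091
    clock.advance(one_way_delay_s)                 # S615 travels to the receiver
    reply = receiver.on_execute_request(tx_mac)
    clock.advance(one_way_delay_s)                 # S616 travels back
    t1 = clock.now - start                         # stop timer 1091

    if not hmac.compare_digest(reply, expected_reply):
        return False, "message authentication code incorrect"
    if t1 > RTT_TIMEOUT_S:
        return False, "T1 exceeds T"
    if not receiver.on_result():
        return False, "receiver rejected transmitter MAC"
    return True, "intra-residential"
```

Because both sides create their MACs before the timer starts, T1 in this sketch measures only the request and reply transit, which is the quantity compared against T.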

On the other hand, in a case where the received message authentication code is incorrect, the device authentication processing unit 108 finishes the device authentication processing by interrupting processings thereafter. When confirmation of reception is received, the device authentication processing unit 108 of the content transmission device 100 creates an exchange key used in encrypting contents, and encrypts the exchange key by using the authentication key to transmit to the content reception device 300 along with ID for identifying the exchange key (S619).

The device authentication processing unit 108 of the content reception device 300 decrypts the exchange key transmitted from the content transmission device 100 by using the authentication key to transmit confirmation of reception (S620).

When the confirmation of reception is received, the device authentication processing unit 108 of the content transmission device 100 registers information concerning the content reception device 300 to the intra-residential device information table 5200 in the device information management unit 109 (S621).

For example, as shown in a record 5211 of ID 5201 in the intra-residential device information table 5200, the device authentication processing unit 108 sets the device ID of the content reception device 300 received at S601 to the device ID 5202, sets the IP address of the content reception device 300 on a network to the address information 5203, sets the intra-residential counter maximum value 5103 in the definition table 5100 to the intra-residential counter value 5204, and sets “stop” to the transmission status 5205.

The device authentication processing unit 108 of the content transmission device 100 and the device authentication processing unit 108 of the content reception device 300 can share a common exchange key by the processing procedure shown in FIG. 6. The exchange key is set to the intra-residential exchange key 5220 in the intra-residential device information table 5200 along with additional information concerning the exchange key and used for creating a common key for encrypting/decrypting contents. Also, the processings of S609 and S613 and processings of S617 and S619 may respectively be summarized.

The procedure of FIG. 6 is explained concerning the intra-residential device authentication processing executed between the content transmission device 100 and the content reception device 300 in a case of transmitting contents at inside of a residence.

3. Extra-Residential Access Device Registration Processing

FIG. 7 shows an example of extra-residential access device registration processing sequence executed between the content transmission device 100 and the portable terminal (content reception device) 200 which are present at inside of the user residence 1 in the system configuration shown in FIG. 1. The extra-residential access device is a device executing an extra-residential access from outside of a residence to a device at inside of the residence with seeing/hearing or copying, and Move of a copyright protection content as an object. In FIG. 7, the portable terminal (content reception device) 200 becomes an extra-residential access device.

It is assumed that the portable terminal (content reception device) 200 is present at inside of the user residence 1 when the procedure is executed. The content transmission device 100 and the content reception device 200 prevent an access from outside of the user residence 1 by monitoring TTL of received packets, and abandoning a packet which is set with a value of TTL exceeding the intra-residential restriction TTL value 1911 of the TTL table 1910 shown in FIG. 19 described later. Therefore, the content transmission device 100 and the content reception device 200 set TTL of transmitted packets to be equal or less than the intra-residential restriction TTL value 1911 of the TTL table 1910.

First, the content transmission device 100 and the content reception device 200 execute the device authentication processing S600 explained in reference to FIG. 6.

Thereafter, the device authentication processing unit 108 of the content reception device 200 creates an extra-residential access device registration request to transmit to the content transmission device 100 (S701). The extra-residential access device registration request can include information inherent to the device and a random number created by using a prescribed calculation algorithm, a password which a user sets for extra-residential access or the like.

The device authentication processing unit 108 of the content transmission device 100 receives the extra-residential access device registration request, and determines whether the content reception device 200 has been registered to the extra-residential device information table 5300 by using, for example, the device ID 5302 or the address information 5303 at S702. When the content reception device 200 has already been registered, the device authentication processing unit 108 of the content reception device 100 returns confirmation of reception including a status that the content reception device 200 has succeeded to register or has finished the registration to the content reception device 200 and the operation proceeds to S704.

In a case where the content reception device 200 has not been registered yet, the device authentication processing unit 108 of the content transmission device 100 refers to the extra-residential registration number 5321 in the extra-residential device information table 5300, and determines whether the number of devices registered for extra-residential access is less than the extra-residential registration maximum number 5102 of the definition table 5100. When the number has already reached the maximum number, the device authentication processing unit 108 of the content transmission device 100 interrupts the registration processing, and transmits confirmation of reception including a status that registration is impossible or the number reaches the maximum number to the content reception device 200. On the other hand, in a case where the number does not reach the maximum number, the device authentication processing unit 108 of the content reception device 100 confirms that the device ID's of the content reception device 200 received at S601 and S701 coincide with each other, thereafter, sets the device ID of the content reception device 200 to the device ID 5302 in the extra-residential device information table 5300, sets MAC address of the content reception device 200 on the network to the address information 5303, sets “stop” to the transmission status 5305, and sets the extra-residential counter maximum value 5104 in the definition table 5100 to the extra-residential counter value 5306 (S703). Confirmation of reception including a registration-succeeded or registered status is transmitted to the content reception device 200 at S704.

The device authentication processing unit 108 of the content reception device 200 receiving the confirmation of reception from the content transmission device 100 refers to the status included in the confirmation of reception, and in the case of the registration-succeeded or registered status, creates or updates an extra-residential access information table 60000 stored to the device management information unit 109 (S705).

The device authentication processing unit 108 of the content transmission device 100 and the device authentication processing unit 108 of the content reception device 200 can execute the registration processing as an extra-residential access device only for a device which has been succeeded in the device authentication by executing processings from S701 to S715 in addition to the device authentication processing S600.

A procedure of FIG. 7 has explained the extra-residential access device registration processing S700 which is executed for registering the content reception device 200 to the content transmission device 100 between the content transmission device 100 and the content reception device 200 prior to transmit contents to an extra-residential device.

FIG. 8 shows a configuration example of the extra-residential access information table 60000.

The extra-residential access information table 60000 is configured by ID 60001, a connection destination address information 60002, and registration information 60003.

ID 60001 indicates a registration number of the table.

The address information 60002 indicates IP address, MAC address, URL (Uniform Resource Locator), etc. for accessing to respective devices on an intra-residential network from outside of a residence.

The registration information 60003 indicates a user name and a password necessary for the content reception device 200 to log in the content transmission device 100 or the router 12 from outside of the residence.

A key used for encryption/decryption of contents in an intra-residential access can be shared and at the same time, the content reception devices which execute the intra-residential access and the extra-residential access to the content reception device can simultaneously be registered only in a case of confirming that the devices are devices which are normally qualified between the devices and that the devices are devices present at inside of the residence by executing the processings of the procedures shown in FIG. 6 and FIG. 7.

Here, after finishing the ordinary device authentication processing S600, the content transmission device 100 may provide a time period capable of receiving the extra-residential access device registration request, and the content reception device 200 may be necessitated to issue the extra-residential access device registration request within a prescribed time period (for example, 24 hours).
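The registration decision of FIG. 7 (S702 to S704), including the optional time window after S600, can be sketched as follows. This is an added example, not code from the patent: the class and function names, the status strings and the numeric limits are assumptions, and only the 24-hour window is the page's own example value.

```python
from dataclasses import dataclass, field

# Constructed values: the page names these fields of definition table 5100
# without giving numbers.
EXTRA_REG_MAX = 2              # extra-residential registration maximum number 5102
EXTRA_COUNTER_MAX = 1000       # extra-residential counter maximum value 5104
REG_WINDOW_S = 24 * 3600       # the page's example: 24 hours after S600


@dataclass
class AuthSession:
    """Outcome of normal authentication S600 (hypothetical structure)."""
    device_id: str             # device ID received at S601
    mac_address: str
    finished_at: float         # time in seconds at which S600 completed


@dataclass
class ExtraRecord:
    """One row of the extra-residential device information table 5300."""
    device_id: str                     # 5302
    address: str                       # 5303
    status: str = "stop"               # 5305
    counter: int = EXTRA_COUNTER_MAX   # 5306


@dataclass
class ContentTransmitter:
    table: dict = field(default_factory=dict)   # table 5300, keyed by device ID

    @property
    def registration_number(self):
        # extra-residential registration number 5321
        return len(self.table)

    def handle_registration(self, session, request_device_id, now):
        """Process the request of S701 and return the status sent at S704."""
        # Registration is only offered to a device that passed S600.
        if session is None:
            return "rejected: device authentication S600 not completed"
        # Optional window in which a registration request is accepted.
        if now - session.finished_at > REG_WINDOW_S:
            return "rejected: registration window expired"
        # IDs received at S601 and S701 must coincide. The page performs
        # this just before S703; this sketch checks it first so that the
        # table is never consulted for an ID the session did not prove.
        if request_device_id != session.device_id:
            return "rejected: device ID differs from S601"
        # S702: already registered devices get the registered status.
        if request_device_id in self.table:
            return "registered"
        if self.registration_number >= EXTRA_REG_MAX:
            return "registration impossible: maximum number reached"
        # S703: create the record with status "stop" and the maximum counter.
        self.table[request_device_id] = ExtraRecord(
            device_id=request_device_id, address=session.mac_address)
        return "registration-succeeded"
```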

FIG. 9 and FIG. 10 explain an example of a sequence in which the portable terminal (content reception device) 200 is registered to the content transmission device 100 by a user actually manipulating the portable terminal 200, using the processings of the procedures shown in FIG. 6 and FIG. 7. Incidentally, a display content and a display order in a screen of the portable terminal 200 shown in FIG. 10 are only an example for explaining the present embodiment, and the present embodiment is not limited thereto.

The user displays a screen 1001 for registering a remotely accessed server (that is, content transmission device) 100 by using a manipulating button or respective set menus of the portable terminal 200. When the user selects “2) set connection server” on the screen 1001, the portable terminal 200 displays a screen 1002 for displaying a list of content transmission devices present on the intra-residential network and including a function of delivering contents.

When the user selects “server 1” (in the case of the present embodiment, the content transmission device 100 is indicated) on the screen 1002 (S901), the device authentication processing unit 108 of the portable terminal 200 creates a remote access function confirmation request for confirming the presence of correspondence with a remote access function to the content transmission device to transmit to the content transmission device 100 (S902).

The device authentication processing unit 108 of the content transmission device 100 receives the remote access function confirmation request, and determines whether the own device includes the remote access function by, for example, whether the extra-residential registration maximum number 5102 and the extra-residential device information table 5300 are present at the definition table 5100 in the device information 5000. The device authentication processing unit 108 of the content transmission device 100 returns confirmation of reception including a determination result to the content reception device 200 (S904).

The device authentication processing unit 108 of the portable terminal 200 refers to the determination result received at S904, and displays the server 1 as a connectable server as shown in the screen 1003 in a case where the “server 1” includes the remote access function as in a screen 1003. The screen 1003 displays that “server 1” includes the remote access function, and displays “2) register remote access” for registering the own device to “server 1”.

When the user selects “2) register remote access” on the screen 1003, the device authentication processing unit 108 of the portable terminal 200 executes the extra-residential access device registration procedure S700 shown in FIG. 7 with the content transmission device 100, and registers the portable terminal 200 to the extra-residential device information table 5300 of the content transmission device 100.

Next, the portable terminal 200 transmits a request for acquiring URL for remote access for acquiring information necessary for remotely accessing to the content transmission device 100 from outside of the residence to the content transmission device 100 (S905).

The device authentication processing unit 108 of the content transmission device 100 receives the request for acquiring URL for remote access, and acquires information necessary for remotely accessing to the own device—for example, global IP address for accessing to the own device or the router 12, URL acquired from DDNS (Dynamic Domain Name System) server, a port number or the like—from the own device or the router 12 as necessary at S906. The device authentication processing unit 108 of the content transmission device 100 returns confirmation of reception including the information to the content reception device 200 (S907).

The device authentication processing unit 108 of the portable terminal 200 refers to the information received at S907 to register to the address information 60002 of the extra-residential access information table 60000 (S908).

4. Information Describing Restriction of Using Contents

An explanation will be given of an example of a content using descriptor 1200 and a digital copy control descriptor 1300 as information describing a restriction of using contents accompanied with the contents which the content transmission device 100 receives via the tuner 101, the cable, and the internet 3 in reference to FIG. 12 and FIG. 13. Also, an explanation will be given of output possible/impossible of an output from the digital input/output terminal 114 of the content transmission device 100, presence/absence of encryption, an encryption mode, and a recording control in accordance with information describing the restriction of using contents in reference to FIG. 14 and FIG. 25.

FIG. 12 shows a configuration of the content using descriptor 1200 accompanied with contents which the content transmission device 100 receives via the tuner 101, the cable, and the internet 3. The descriptor is set to SDT (Service Description Table) or EIT (Event Information Table) of, for example, SI (Service Information: program alignment information).

The content using descriptor 1200 indicates information of controlling record of received contents or output to other content reception device, and is information added for controlling record/output of the contents by the provision origins 5 a and 5 b of the contents (for example, broadcasting station or copyright owner side of content service provider or the like). The content using descriptor 1200 is used in combination with the digital copy control descriptor described later.

The content using descriptor 1200 includes a copy restriction mode (copy_restriction_mode) 1201, a resolution restriction bit (image_constraint_token) 1202, a retention control bit (retention_mode) 1203, a retention acceptable time (retention_state) 1204, output protection bit (encryption_mode) 1205, and remote access restriction mode (remote_access_restriction_mode) 1206. Incidentally, the configuration of the content using descriptor 1200 may include other information and is not limited to the configuration example.

The copy restriction mode (copy_restriction_mode) 1201 indicates a copy number restriction mode and is determined by an operation rule of a content enterprise. For example, the copy restriction mode signifies that in a case of the value of “0”, the copy number restriction is operated, and in a case of “1” of the value, the copy number restriction is not operated. In a case where the information is not included (arranged), it is regarded that “1” is set as default.

The resolution restriction bit (image_constraint_token) 1202 indicates presence/absence of restricting an image quality or an image signal outputted from the digital image/voice output terminal 116. For example, the resolution restriction bit signifies that in a case of “0” of the value, the resolution of the image/voice output is restricted, and in a case of “1” of the value, the resolution is not restricted.

The retention control bit (retention_mode) 1203 indicates whether retention of contents received with conditions is accepted. For example, the retention control bit signifies that in a case of “0” of the value, the retention can be executed even when the digital copy control descriptor 1300 described later is “prohibit copy”, and in a case of “1” of the value, the retention cannot be executed.

The retention acceptable time (retention_state) 1204 indicates retention acceptable time after receiving contents, for example, information of without restriction, one hour and 30 minutes, three hours, one day, or one week is set.

The output protection bit (encryption_mode) 1205 indicates presence/absence of output protection when the digital copy control descriptor 1300 described later outputs contents of “copiable without restriction condition” from the digital input/output terminal 114. For example, the output protection bit signifies that in a case of “0” of the value, a processing of output protection is executed, and in a case of “1” of the value, the processing of output protection is not executed.

The remote access restriction mode (remote_access_restriction_mode) 1206 indicates a mode of restricting use of received contents from terminals (portable terminal 200, content reception device 400, content transmission and reception devices 500 and 600) present at outside of the residence such as the going out destination 2 or the other user residence 4, and is determined by an application rule of a content enterprise. For example, the remote access restriction mode signifies that in a case of “0” of the value, the use by the remote access is prohibited, and in a case of “1” of the value, the use by the remote access is not restricted. The content provision origins (5 a, 5 b) can restrict the remote access to the contents by using the values in a processing thereafter.

FIG. 13 shows a configuration example of the digital copy control descriptor 1300 inserted to contents which the content transmission device 100 receives via the tuner 101, the cable, and the internet.

The digital copy control descriptor 1300 indicates information of controlling copy generation in a digital recording device, and is information added to the content provision origins (for example, broadcasting station or copyright owner side of content service provider or the like) in a case of executing digital copy and analog copy for transmitting information concerning record/copy to the contents to a recording device.

The digital copy control descriptor 1300 is configured by digital copy control information (digital_recording_control_data) 1301, copy control type information (copy_control_type) 1302, and output copy control information (APS_control_data) 1303. Incidentally, the configuration of the digital copy control descriptor 1300 may include other information, and is not limited to the configuration example.

The digital copy control information (digital_recording_control_data) 1301 indicates information for controlling copy generation of received contents. For example, the digital copy control information signifies that in a case of “00” of the value, “copiable without restriction condition”, in cases of “01” and “11”, “prohibit copy”, in a case of “10”, “copiable only for one generation”.

The copy control type information (copy_control_type) 1302 indicates information of a type for controlling copy generation of received contents. For example, the copy control type information signifies that in a case of “01” of the value, the contents are encrypted by using an encryption system (for example, DTCP, DTCP-IP, Windows Media DRM, etc.) designated by the provision origin of contents to output from the digital input/output terminal 114, and in a case of “11” of the value, the contents are outputted from the digital input/output terminal 114 without being encrypted.

The analog output copy control information (APS_control_data) 1303 indicates information of restricting copy of an analog output in a case of “01” or “11” of the value of the copy control type information. For example, the analog output copy control information signifies that in a case of “00” of the value, copiable without restriction condition, and in a case of the other value, copy is restricted by some restriction condition.

FIG. 14 indicates a configuration example of a digital content output control table 1400 in a case where the content transmission device 100 refers to the content using descriptor 1200 and the digital copy control descriptor 1300 inserted to contents which the content transmission device 100 receives via the tuner 101, the cable, and the internet, and transmits the contents to other content reception device connected from the digital input/output terminal 116 to an intra-residential network.

FIG. 25 shows a configuration example of a digital content control table 2500 in a case where the content transmission device 100 refers to the content using descriptor 1200 and the digital copy control descriptor 1300 inserted to the contents which the content transmission device 100 receives via the tuner 101, the cable, and the internet, and records the contents to the recording unit 111.

5. Store Content to Content Transmission Device

An explanation will be given of a content storing processing at the content transmission device 100 in reference to FIG. 15 as follows.

FIG. 15 shows an example of a flow of a procedure S1500 recording a broadcasting program which the content transmission device 100 receives via the tuner 101, the cable, the Internet. An explanation will be given of a procedure of recording the broadcasting program in reference to FIG. 14 and FIG. 15. Incidentally, assume that the contents are digitally recorded to the content recording device.

In a case where a user instructs the content transmission device 100 to record a currently receiving broadcasting program from a program table or a seeing and hearing broadcasting program screen by using a remote controller or a touch panel, the input processing unit 107 of the content transmission device 100 notifies the case to the control unit 115 (S1501).

The control unit 115 of the content transmission device 100 determines whether a record destination of the broadcasting program instructed by the user is currently installed at inside of the residence (S1502). As a result, in a case of a recording device which is not installed at inside of the residence (that is, taken out to outside of residence), the control unit 115 displays the statement that the recording cannot be executed on an error screen and the processings are finished (S1503). Here, at S1501, there is also a method of registering only a device which is currently installed at inside of the residence to a list of candidates of recording devices which the user instructs to select, or a method of not displaying a device registered to the extra-residential device information table 5300 in the list.

In a case of a recording device installed at inside of the residence as a result of determination at S1502, the control unit 115 refers to the digital copy control information 1301 of the digital copy control descriptor 1300 with regard to the contents which the user instructs to record, and the digital copy recording control table 2500 (S1504). The control unit 115 confirms that a value of the digital copy control information 1301 is either of “00: copiable without restriction condition (Copy free)”, and “10: copiable only for one generation (Copy one generation)” (S1505). That is, a combination of 2501 through 2502, 2504 through 2506, and 2508 of the digital copy recording control table 2500 means recordable. As a result, in a case of not any value, the control unit 115 displays a statement of unrecordable on the error screen of the display unit 105, and finishes the processings (S1506).

In a case where a result confirmed at S1505 is either value of “00” and “10”, the control unit 115 acquires a value of the remote access restriction mode 1206 of the content using descriptor 1200 (S1507). The control unit 115 determines whether the record destination of the broadcasting program instructed by the user is the recording unit 111 in the own device, or a recording device present on the intra-residential network via the digital input/output terminal 114 (S1508).

In a case where the record destination of the broadcasting program is the recording unit 111 in the own device as a result of determination at S1508, the control unit 115 determines whether the value of the remote access restriction mode 1206 acquired at S1507 is “1: remote access not restricted (default)” (S1509). In a case where the value of the remote access restriction mode 1206 is other than “1”, the operation proceeds to S1511, and recording to the recording unit 111 is started by the recording/reproducing processing unit 110. In a case where the value of the remote access restriction mode 1206 is “1”, the control unit 115 starts measuring time by using the timer 1091 (S1510), thereafter, starts recording the contents to the recording unit 111 by using the recording/reproducing processing unit 110 (S1511).

Here, in a case of recording the contents to the recording unit 111 at S1511, although the contents may not be encrypted by the encryption/decryption processing unit 112 in a combination 2501 of (copy control type information, digital copy control information, output protection bit)=(01, 00, 1) or a combination 2508 of (11, 00, -), in the other combination, the encryption/decryption processing unit 112 encrypts the contents in accordance with a prescribed procedure which is previously determined for respective record media by the other combination.

The recording/reproducing processing unit 110 records the digital copy control descriptor 1300, and the content using descriptor 1200 along with the contents. In that case, in a case of a combination of 2505 and 2506 of the digital copy recording control table 2500, that is, in a case of copiable only for one generation, the recording/reproducing processing unit 110 changes the value of the digital copy control information 1301 to “01: prohibit recopying” to record.

The time started to be measured at S1510 may be used as a determination criteria of whether seeing and hearing by the remote access from outside of a residence is accepted concerning contents (remote access to which is accepted) which is started to be recorded. For example, the control unit 115 of the content transmission device 100 accepts seeing, hearing, and reproducing recorded contents to the content reception device 200 remotely accessing from outside of the residence after measurement time elapses for prescribed time by using the retention acceptable time 1204 of the content using descriptor 1200 or remote access acceptable time newly added to the content using descriptor 1200. The remote access acceptable time may be stored to the recording unit 110 in correspondence with the contents, and may not necessarily be a mode of the content using descriptor 1200. The content transmission device 100 can determine the remote access acceptable time by receiving the remote acceptable time in correspondence with the contents, or based on prescribed information received in correspondence with the contents from the contents provision origins 5a and 5b. Recording as well as seeing, hearing, and reproducing are accepted to the content reception device 300 installed at inside of the residence similar to seeing and hearing by the own device (content transmission device 100).

On the other hand, in the case where the record destination of the broadcasting program is other recording device (for example, content reception device 300) present on the intra-residential network as a result of the determination at S1508, the control unit 115 of the content transmission device 100 refers to the content output control table 1400 of FIG. 14 (S1512), and confirms that the contents can be outputted via the digital input/output terminal 114, and recording is accepted. That is, the control unit 115 of the content transmission device 100 refers to the digital copy control information 301 and the copy control type information 1302 of the digital copy control descriptor 1300, and the output protection bit 1205 of the remote access restriction mode 1206 of the content using descriptor 1200, and determines to which of the following conditions the digital control output corresponds (S1513).

1) Combination 1401 of the digital content output control table 1400

(a) Copy control type information 1302 “01 (execute DTCP protection)”

(b) Digital copy control descriptor 1300 “00 (copiable without restriction condition)”

(c) Output protection bit 1205 “1 (output protection not present)”

2) Combination 1402 of digital content output control table 1400

(a) Copy control type information 1302 “01 (execute DTCP protection)”

(b) Digital copy control descriptor 1300 “00 (copiable without restriction condition)”

(c) Output protection bit 1205 “0 (output protection present)”

(d) Remote access restriction mode 1206 “1 (remote access not restricted)”

3) Combination 1405 of digital content output control table 1400

(a) Copy control type information 1302 “01 (execute DTCP protection)”

(b) Digital copy control descriptor 1300 “10 (copiable only for one generation)”

(c) Remote access restriction mode 1206 “1 (remote access not restricted)”

4) Combination 1408 of the digital content output control table 1400

(a) Copy control type information 1302 “11 (not execute DTCP protection)”

(b) Digital copy control descriptor 1300 “00 (copiable without restriction condition)”

In a case where the determination result does not correspond to any of 1) through 4) described above, the control unit 115 of the transmission device 100 displays an error screen of the display unit 105 of unrecordable statement by the recording/reproducing processing unit 110, and the processings are finished (S1514).

When the determination result corresponds to any of 1) through 4) described above, that is, the contents can be outputted via the digital input/output terminal 114 as a result of the determination at S1513, the control unit 115 starts an output processing of the contents to the content reception device 300 (S1515). Here, although not illustrated, in the output processing, a record request is issued from the content transmission device 100 to the content reception device 300, the device authentication processing S600 described in FIG. 6 is executed as necessary. When the device authentication processing is succeeded, the device authentication processing unit 108 of the content transmission device 100 creates a common key for encrypting contents based on a prescribed algorithm by using an exchange key shared with the content reception device 300, and a packet format described in FIG. 20 is outputted via the communication processing unit 113 and the digital input/output terminal 114 while encrypting the contents by the common key at the encryption/decryption processing unit 112.

In the procedure described above, in a case where the remote access restriction mode 1206 of the content using descriptor 1200 is not present in the contents, a value of the remote access restriction mode 1206 is regarded as “1 (remote access not restricted)”.
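The decision path of S1502 through S1515, including the four output combinations and the default for an absent remote access restriction mode, can be written as a small function. This is an added example, not code from the patent; the class, function and argument names and the "own"/"network" destination labels are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class Descriptors:
    """Fields the control unit reads; numerals are the page's reference numbers."""
    copy_control_type: str                      # 1302: "01" DTCP protection, "11" none
    digital_copy_control: str                   # 1301: "00", "01", "10" or "11"
    output_protection_bit: Optional[int] = None         # 1205
    remote_access_restriction_mode: Optional[int] = None  # 1206, None = not present

    @property
    def remote_mode(self) -> int:
        # An absent mode 1206 is regarded as 1 (remote access not restricted).
        mode = self.remote_access_restriction_mode
        return 1 if mode is None else mode


def output_combination(d: Descriptors) -> Optional[int]:
    """S1513: return the matching combination (1401/1402/1405/1408) or None."""
    cct, dcc = d.copy_control_type, d.digital_copy_control
    if cct == "01" and dcc == "00":
        if d.output_protection_bit == 1:
            return 1401
        if d.output_protection_bit == 0 and d.remote_mode == 1:
            return 1402
        return None
    if cct == "01" and dcc == "10" and d.remote_mode == 1:
        return 1405
    if cct == "11" and dcc == "00":
        return 1408
    return None


def value_to_store(digital_copy_control: str) -> str:
    """One-generation content is stored as "01" (prohibit recopying)."""
    return "01" if digital_copy_control == "10" else digital_copy_control


def decide_recording(d: Descriptors, destination: str,
                     destination_in_residence: bool) -> Tuple[str, bool]:
    """Walk S1502..S1515 for destination "own" or "network" (assumed labels).

    Returns (step at which the flow ends, whether timer 1091 is started).
    """
    if not destination_in_residence:
        return ("S1503", False)              # error: device taken out of the residence
    if d.digital_copy_control not in ("00", "10"):
        return ("S1506", False)              # error: unrecordable
    if destination == "own":
        # S1509/S1510: the timer runs only when remote access is not restricted.
        return ("S1511", d.remote_mode == 1)
    if output_combination(d) is None:
        return ("S1514", False)              # error: output not permitted
    return ("S1515", False)                  # start output to the reception device


if __name__ == "__main__":
    # Constructed sample: one-generation content whose provider restricts remote access.
    sample = Descriptors("01", "10", output_protection_bit=0,
                         remote_access_restriction_mode=0)
    print(decide_recording(sample, "own", True))      # local recording, no timer
    print(decide_recording(sample, "network", True))  # refused at S1514
```
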

The following effect is achieved by executing the procedure described above.

1) At S1502/S1503, the content transmission device 100 can prohibit seeing, hearing, and recording of a currently receivable program via the tuner 101 or via the internet 3 (live broadcasting or IPTV broadcasting which is a broadcasting program in real time, VOD service) at the content reception device 200 by remote access from outside of the residence.

2) In a case where the content provision origins (5a, 5b) do not accept remote access to the contents (the value of the remote access restriction mode 1206 is 0), the contents are recorded only to the record media included in the content transmission device 100 which directly receives the contents, and recording of the contents to the other content reception device at inside of the residence including the record media via the digital input/output terminal 114 can be restricted.

In the procedure described above, the processing at S1502 may be executed after S1505. Also, the processing at S1507 may be executed after S1508.

Here, although the procedure described above has explained a case where the user instructs to record the currently receiving broadcasting program, the procedure is applicable also in setting a reservation for recording a broadcasting program, or in executing a reservation for recording the broadcasting program.

6. Seeing and Hearing Contents at Inside of Residence

FIG. 16 shows an example of a processing sequence in a case of seeing and hearing contents stored at the recording unit 111 of the content transmission device 100 by the content reception device 300 at inside of the user residence 1 in the system configuration shown in FIG. 1.

First, when the user instructs seeing and hearing contents by using the input processing unit 107 of the content reception device 300, the control unit 115 of the content reception device 300 displays a list of the content reception devices on the display unit/speaker 105 (screen 1002). The user selects the desired content transmission device 100 on the display screen (S1601).

Here, the content reception device 300 may display the list of the content transmission devices by detecting devices present on the intra-residential network. As a method of detecting the content reception device present on the network, there are, for example, a method of transmitting to multicast a UDP packet including “request for detecting device including content transmission function” to all of the devices on the network, and recognizing the content transmission device by returning a signal only by a device including the function, and a method of recognizing the content reception device by receiving a network participation notice noticed from the content transmission device connected to the network.

The user may input address information of the content transmission device 100 via the input processing unit 107, and the content reception device 300 may access to the content transmission device 100 based on the inputted information without displaying the screen of the list of the content transmission devices.

When the user selects the content transmission device 100 at S1601, the control unit 115 of the content reception device 300 transmits a request for acquiring content information to the content transmission device 100 similarly installed at the user residence 1 via the digital input/output terminal 114 (S1602).

The control unit 115 of the content transmission device 100 transmits confirmation of reception to the content reception device 300 via the communication processing unit 113 (S1603). The control unit 115 of the content transmission device 100 extracts only contents to which the content reception device 300 can access, creates content information by using information (for example, title, date, copy control information, recording time, etc.) concerning a portion or all of the contents (S1604), and transmits the content information to the content reception device 300 (S1605).

Here, at S1604, the control unit 115 of the content transmission device 100 extracts contents which are recorded at the recording unit 111 and can be outputted from the digital input/output terminal 114, contents which are being currently recorded to the recording unit 111 and can be outputted from the digital input/output terminal 114, and contents which are programs that can currently be received via the tuner 101 or the internet 3 and can be outputted from the digital input/output terminal 114.

The control unit 115 of the content reception device 300 transmits confirmation of reception to the content transmission device 100 (S1606), the control unit 115 of the content reception device 300 displays received content information on the display unit/speaker 105 as a list of contents. When the user designates contents which the user intends to see and hear from the list of contents via the input processing unit 107 (S1607), the device authentication processing unit 108 of the content reception device 300 executes the ordinary authentication processing S600 with the device authentication processing unit 108 of the content transmission device 100.

Thereafter, the control unit 115 of the content reception device 300 transmits a request for seeing and hearing desired contents to the content reception device (S1608).

The control unit 115 of the content transmission device 100 transmits confirmation of reception to the request for seeing and hearing contents (S1609) and transmits contents encrypted at the encryption/decryption processing unit 112 by using a common key created by using the exchange key shared at S600 to the content reception device 300 (S1610).

After starting to transmit contents, the device authentication processing unit 108 of the content reception device 300 transmits a request for confirming the key to the content transmission device 100 at an arbitrary timing (S1611). When the device authentication processing unit 108 of the content transmission device 100 receives the request for confirming the key, the device authentication processing unit 108 of the content transmission device 100 transmits confirmation of reception to the content reception device 200 in accordance with a result of the confirmation (S1612).

The device authentication processing unit 108 checks whether an identification ID of the exchange is correct, the device information updating unit 1092 sets the timer 1091 in the device information management unit 109 such that a notice is inputted periodically (for example, at interval of 1 minute or at interval of 10 minutes) and starts the timer 1091. The device authentication processing unit 108 creates the common key for encrypting contents by using the exchange key and sets the common key to the encryption/decryption processing unit 112.

The desired content read from the recording unit 111 is transmitted to the content reception device 300 by the format indicated in FIG. 20 while encrypting the desired contents at the encryption/decryption processing unit 112 (S1610). At S1610, the content transmission device 100 refers to the digital content output control table 1400, and sets E-EMI determined by combinations of the digital copy control descriptor 1300 and the content using descriptor 1200 to E-EMI 200214 in a header portion 20021 of FIG. 20 and outputs the contents. The content transmission device 100 can output the contents from the digital input/output terminal 114, and contents (combinations 1403 and 1406 of the digital content output control table 1400) are prevented from being recorded at the content reception device 300 by setting E-EMI to “No more copies”.

Here, the device information updating unit 1092 updates the intra-residential counter value 5204 of the intra-residential device information table 5200 in the device information table 5000 (for example, decrements the counter value) at every time of inputting notice from the timer 1091 in transmitting contents. When the intra-residential counter value 5204 reaches 0, the device information updating unit 1092 deletes information of a corresponding device in the intra-residential device information table 5200.

The device authentication processing unit 108 of the content reception device 300 creates the common key for encrypting contents by using the exchange key shared at S600, and sets the common key to the encryption/decryption processing unit 112. The device authentication processing unit 108 of the content reception device 300 extracts and decodes encrypted contents included to the payload from the format shown in FIG. 20 at the encryption/decryption processing unit 112 with regard to data received via the communication processing unit 113 and the encryption/decryption processing unit 112, and outputs the contents to the display unit/speaker 105 while decoding the encrypted contents by the decoder 104.

7. Seeing and Hearing Contents from Outside of Residence

An explanation will be given of a content audio-visual processing 1800 from outside of a residence in reference to FIG. 18. Also, an explanation will be given of an extra-residential access device authentication processing which is carried out in the procedure of the content audio-visual processing in reference to FIG. 11.

FIG. 18 shows a processing procedure in a case of taking out the portable terminal (content reception device 200) to outside of the residence and seeing and hearing a broadcasting program inputted from the going out destination 2 to the content reception device 100 via the tuner 101 or contents stored in the recording unit 111 in the system configuration shown in FIG. 1.

First, when a user designates to see and hear contents by using the input processing unit 209 of the content reception device 200, the control unit 115 of the content reception device 200 displays the list of content transmission devices on the display unit/speaker 105. The list of content transmission devices displays the content transmission device 100 which is a device registered in the extra-residential access information table 60000 (S1801).

Here, the content reception device 200 may detect a device present on the network to display in the list of content transmission devices. As a method of detecting the content transmission device present on the network, for example, there is a method of recognizing the content transmission device by transmitting to multicast a UDP packet including “request for detecting a device including a content transmission function” to all of devices on the network and returning answer only by a device including the function, or a method of recognizing a content transmission device by receiving a network participation notice notified from the content transmission device connected to the network.

Next, when the user selects the content transmission device 100 from the list of content transmission devices displayed, the control unit 115 of the content reception device 200 transmits a request for acquiring content information to the content transmission device 100 of the user residence 1 via the internet via the wireless access point 23 and the router 22 of the going out destination 2 from the wireless communication processing unit 203 in reference to address information of the content transmission device 100 registered to the extra-residential access information table 60000 (S1802).

Here, the user may input address information of the content transmission device 100 via the input processing unit 107, and the content reception device 200 may access to the content transmission device 100 based on the inputted information without displaying the list of content transmission devices.

The control unit 115 of the content transmission device 100 transmits confirmation of reception to the content reception device 200 via the communication processing unit 113 (S1803), creates content list information (for example, title, date, copy control information, recording time, etc.) concerning a portion or all of contents stored to the recording unit 111 by using a procedure of creating content list information shown in FIG. 17 (S1804), and transmits the information to the content reception device 200 (S1805).

The control unit 115 of the content reception device 200 transmits confirmation of reception to the content transmission device 100 (S1806), and displays received content information on the display unit/speaker 105 as contents list. When the user designates contents intended to see and hear from the contents list via the input processing unit 107 (S1807), the device authentication processing unit 108 of the content reception device 200 executes an extra-residential access device authentication processing 1100 with the device authentication processing unit 108 of the content transmission device 100. The extra-residential access device authentication processing 1100 described later in reference to FIG. 11 is an extra-residential device authentication processing procedure which is executed between the content transmission device 100 and the portable terminal 200 for seeing, hearing or copying, or executing Move copyright protection contents inputted or stored to the content transmission device 100 from the portable terminal (content reception device) 200 present at outside of the residence in the system configuration shown in FIG. 1. The content transmission device 100 and the content reception device 200 authenticate each other by the extra-residential access device authentication processing 1100, and share an exchange key for encrypting contents by the content transmission device 100 and decrypting contents by the content reception device 200 as a result of the authentication.

Thereafter, the control unit 115 of the content reception device 200 transmits a request for seeing and hearing desired contents to the content transmission device 100 (S1808). At this occasion, the request for seeing and hearing contents may be added with ID for identifying the extra-residential exchange key received by the extra-residential access device authentication processing S1100.

The control unit 115 of the content transmission device 100 transmits confirmation of reception to the request for seeing and hearing contents (S1809), and transmits contents encrypted by the encryption/decryption processing unit 112 by using the key shared at S1100 to the content reception device 200. In a case where a value of the extra-residential simultaneous access number 5322 reaches a value of the extra-residential simultaneous access maximum number 5106 by using the extra-residential device information table 5300 shown in FIG. 5, a response rejecting the request can be returned.

After starting to transmit contents, the device authentication processing unit 108 of the content reception device 200 transmits a request for confirming the key to the content transmission device 100 at an arbitrary timing (S1811). When the device authentication processing unit 108 of the content transmission device 100 receives the request for confirming the key, the device authentication processing unit 108 of the content transmission device 100 transmits confirmation of reception to the content reception device 200 in accordance with a result of the confirmation (S1812).

The device authentication processing unit 108 checks whether an identification ID of the extra-residential exchange key is correct, the device information updating unit 1092 sets the timer 1091 in the device information management unit 109 to input notice periodically (for example, at an interval of one minute or an interval of 10 minutes) so as to input a notice and starts the timer 1091. The device authentication processing unit 108 creates a common key for encrypting contents by using the extra-residential exchange key, and sets the common key to the encryption/decryption processing unit 112.

The device authentication processing unit 108 transmits desired contents read from the recording unit 111 to the content reception device 200 by the format shown in FIG. 20 while encrypting the contents by the encryption/decryption processing unit 112 (S1810). Here, the device information updating unit 1092 updates the extra-residential counter value 5207 (for example, decrements the counter value) in the device information table 5000 at each time of inputting notice from the timer 1091 in transmitting contents. When the extra-residential counter value 5206 reaches 0, the device information updating unit 1092 deletes information of corresponding device in the extra-residential device information table 5300.

The device authentication processing unit 108 of the content reception device 200 creates the common key for decrypting contents by using the extra-residential exchange key, and sets the common key to the encryption/decryption processing unit 112. The device authentication processing unit 108 of the content reception device 200 extracts to decrypt encrypted contents included in the payload from the format shown in FIG. 20 by the encryption/decryption processing unit 112 and outputs the contents to the display unit/speaker 105 while decoding the contents by the decoder 104 concerning data received via the wireless communication processing unit 203 and the wireless encryption/decryption processing unit 202.

As described above, contents can be transmitted from the content transmission device at inside of the residence to the content reception device at outside of the residence when the extra-residential access device authentication processing 1100 which will be described later in reference to FIG. 11 is executed and succeeded only in a case where the extra-residential access device registration processing S700 is executed between the content transmission device and the content reception device previously at inside of the residence and the content reception device which has succeeded in the authentication processing is taken out to outside of the residence.

<7.1 Extra-Residential Access Device Authentication Processing>

Here, a description will be given of the extra-residential access device authentication processing.

FIG. 11 is a diagram showing an example of a processing sequence of the extra-residential access device authentication processing 1100 executed between the content transmission device 100 and the portable terminal 200 for seeing and hearing or copying, executing Move the copyright protection contents inputted or stored to the content transmission device 100 from the portable terminal (content reception device) 200 present at outside of the residence in the system configuration shown in FIG. 1. Assume that the content reception device 200 is present at outside of the residence when the procedure is executed. Also, assume that the portable terminal 200 previously executes the extra-residential access device registration processing S700 with the content transmission device 100 by using the procedures of FIG. 7 and FIG. 9, and the portable terminal 200 has registered to the extra-residential device information table 5300 of the content transmission device 100.

Here, the content transmission device 100 and the content reception device 200 do not monitor TTL of a received packet. The content transmission device 100 and the content reception device 200 set the extra-residential transmission TTL set value 1912 of the TTL table 1910 such that TTL of a transmitted packet is not equal to or less than the intra-residential restriction TTL value 1911 of the TTL table 1910 and a packet can reach the user residence 1 from the going out destination 2 via the Internet. The extra-residential transmission TTL set value 1912 is made to be a value larger than the intra-residential restriction TTL value 1911.

First, the device authentication processing unit 108 of the content reception device 200 creates an extra-residential authentication request. The extra-residential authentication request is attached with information inherent to the device including the device ID, and a deed for the information inherent to the device to transmit to the content transmission device 100 via the wireless communication processing unit 203 (S1101).

When the device authentication processing unit 108 of the content transmission device 100 receives the extra-residential authentication request, the device authentication processing unit 108 of the content transmission device 100 confirms that the device ID of the content reception device 200 is registered to the extra-residential device information table 5300 managed in the device information management unit 109, and a value of the extra-residential simultaneous access number 5322 of the extra-residential device information table 5300 is smaller than a value of the extra-residential simultaneous access maximum number 5106 of the definition table 5100, and thereafter transmits confirmation of reception thereof to the content reception device 200 (S1102).

In a case where the device ID of the content reception device 200 is not registered in the extra-residential device information table 5300, or in a case where the value of the extra-residential simultaneous access number 5322 of the extra-residential device information table 5300 is the same as the value of the extra-residential simultaneous access maximum number 5106 of the definition table 5100, the content transmission device 100 interrupts processings thereafter.
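The admission check at S1102, together with the timer-driven counter that removes a device from the extra-residential device information table 5300, can be modelled as follows. This is an added example, not code from the patent; the class and method names, the initial counter value, and the rule that the simultaneous access number equals the number of devices currently receiving content are assumptions.

```python
from dataclasses import dataclass, field
from typing import Dict, Set


@dataclass
class ExtraResidentialAccess:
    """Minimal model of tables 5100/5300 as used at S1102 and during transmission."""
    max_simultaneous: int                 # 5106: simultaneous access maximum number
    initial_counter: int                  # assumed starting value of the per-device counter
    counters: Dict[str, int] = field(default_factory=dict)  # table 5300: device ID -> counter
    active: Set[str] = field(default_factory=set)           # devices receiving content now

    @property
    def simultaneous(self) -> int:
        # 5322: modelled here as the number of active remote sessions (assumption).
        return len(self.active)

    def register_at_home(self, device_id: str) -> None:
        """Stand-in for the registration processing S700 done inside the residence."""
        self.counters[device_id] = self.initial_counter

    def accept_auth_request(self, device_id: str) -> bool:
        """S1102: the device must be registered and a session slot must be free."""
        if device_id not in self.counters:
            return False
        return self.simultaneous < self.max_simultaneous

    def start_transmission(self, device_id: str) -> bool:
        """Begin sending content; refused when the S1102 conditions do not hold."""
        if device_id in self.active:
            return True
        if not self.accept_auth_request(device_id):
            return False
        self.active.add(device_id)
        return True

    def timer_notice(self, device_id: str) -> bool:
        """Periodic notice from timer 1091 while transmitting.

        Decrements the device's counter and deletes its entry at 0.
        Returns True while the device is still registered.
        """
        if device_id not in self.active:
            return device_id in self.counters
        self.counters[device_id] -= 1
        if self.counters[device_id] <= 0:
            del self.counters[device_id]
            self.active.discard(device_id)
            return False
        return True


if __name__ == "__main__":
    # Constructed scenario: one remote slot, two registered terminals.
    table = ExtraResidentialAccess(max_simultaneous=1, initial_counter=2)
    table.register_at_home("terminal-A")
    table.register_at_home("terminal-B")
    print(table.start_transmission("terminal-A"))   # True
    print(table.accept_auth_request("terminal-B"))  # False: slot in use
    table.timer_notice("terminal-A")
    table.timer_notice("terminal-A")                # counter reaches 0, entry deleted
    print(table.accept_auth_request("terminal-A"))  # False: must re-register at home
```
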

Next, the device authentication processing unit 108 of the transmission device 100 creates an extra-residential authentication request from the own side, and attaches information inherent to the content transmission device 100 and a deed for the information inherent to the device to transmit to the content reception device 200 via the communication processing unit 113 similar to the case of the content reception device 200 (S1103).

The device authentication processing unit 108 of the content reception device 200 receives the extra-residential authentication request, and transmits confirmation of reception thereof to the content reception device 100 (S1104).

Next, the device authentication processing unit 108 of the content transmission device 100 verifies respective information received by the extra-residential authentication request, and transmits an extra-residential authentication response attached with parameter necessary for creating key information to the content reception device 200 (S1105).

The device authentication processing unit 108 of the content reception device 200 receives the extra-residential authentication response and transmits confirmation of reception thereof to the content transmission device 100 (S1106), thereafter, creates an extra-residential authentication response from the own side, transmits an extra-residential authentication response attached with parameters necessary for creating the key information to the content transmission device 100 similar to the case of the content transmission device (S1107), and creates an extra-residential authentication key common to the content transmission device 100 by using necessary parameters.

The device authentication processing unit 108 of the content transmission device 100 receives the extra-residential authentication response, transmits confirmation of reception thereof to the content reception device 200, and creates the authentication key common to the content reception device 200 by using necessary parameters similar to the content reception device (S1108).

In the procedure up to this point, the device authentication processing unit 108 of the content transmission device 100 and the device authentication processing unit 108 of the content reception device 200 create and share the authentication key common to each other.

Next, the content reception device 200 is registered to the extra-residential device information table 5300, it is confirmed that the extra-residential counter value 5306 of the content reception device 200 is not 0 (S1109), thereafter, an extra-residential exchange key used in encrypting contents is created, the extra-residential exchange key is encrypted by using the extra-residential authentication key, and transmitted to the content reception device 200 along with ID for identifying the extra-residential exchange key (S1110).

The device authentication processing unit 108 of the content reception device 200 decrypts the extra-residential exchange key transmitted from the content transmission device 100 by using the extra-residential authentication key, and transmits confirmation of reception (S1111).

When the device authentication processing unit 108 of the content transmission device 100 receives the confirmation of reception, the device authentication processing unit 108 of the content transmission device 100 updates information concerning the content reception device 200 in the extra-residential device information table 5300 in the device information management unit 109 (S1112). Specifically, the device authentication processing unit 108 of the content transmission device 100 sets the extra-residential exchange key created at S1111 to the extra-residential exchange key 5304, and updates the transmission status 5305 from “stop” to “accessing”.

The device authentication processing unit 108 of the content reception device 200 sets the extra-residential exchange key decrypted at S1111 to the extra-residential exchange key 60004 of the extra-residential access information table 60000 (S1113).

The procedure described above explains the device authentication processing executed between the content transmission device 100 and the content reception device 200 in a case of transmitting contents to outside of the residence.

It can be confirmed that the devices are devices normally qualified between the devices, and a key used for encryption/decryption of contents in transmitting contents to outside of the residence can be shared by executing the procedure described above.

8. Creation of Content List Information

FIG. 17 shows an example of a processing sequence of creating contents list information (contents list which can be provided to the content reception device 300 in contents stored to the recording unit 111) which the content transmission device 100 provides to the content reception device 300 at S1604 of the content audio-visual processing procedure at inside of the residence shown in FIG. 16 and S1804 of the content audio-visual processing procedure from outside of the residence shown in FIG. 18.

When the content information acquiring request is received from the content reception device 300 at S1602 in FIG. 16 or at S1802 in FIG. 16, the control unit 115 of the transmission device 100 acquires information concerning contents stored to the recording unit 111, for example, name, broadcasting station/channel name, recording time, recording mode, image/voice format, digital copy control descriptor, content using descriptor, detailed information or the like (S1701). Here, the content information includes contents which are being recorded currently at the recording unit 111.

Next, the control unit 115 of the content transmission device 100 determines whether the content reception device issuing the contents information acquiring request makes an access from inside of the residence, or makes an access from outside of the residence (S1702). Here, as a method of detecting the content reception device present on the intra-residential network, for example, there is a method of recognizing the content reception device by transmitting to multicast the UDP packet including “request for detecting device” to all of devices on the network, and returning the response only by the device including the function.

In a case where the content reception device 300 is installed at inside of the residence as a result of determination at S1702, the content transmission device 100 acquires information concerning a program which can be seen and heard in real time by currently receiving the program via the tuner 101 or via the Internet 3, for example, program name, broadcasting station/channel name, broadcasting time, image/voice format, digital copy control descriptor, content using descriptor, detailed information or the like (S1703). The content transmission device 100 confirms a combination of the digital content output control table 1400 by referring to the copy control descriptor 1300 and the content using descriptor 1200 for respective contents by using information concerning contents stored to the recording unit 111 acquired at S1701 and information concerning acquired contents currently broadcasting acquired at S1703 (S1704). The content transmission device 100 determines whether the contents can be outputted via the digital input/output terminal 114 from the combination of values of the digital control descriptor 1300 and the content using descriptor 1200. Specifically, the content transmission device 100 determines whether the values of the digital copy control descriptor 1300 and the content using descriptor 1200 correspond to combinations 1401 through 1408 of the digital content output control table 1400 (S1705).

In a case where the values do not correspond to the combinations as a result of the determination at S1705, the operation proceeds to S1707. In a case where the values correspond to the combinations, information concerning the contents is added to the contents list information transmitted to the content reception device 300 (S1706). When it can be confirmed that all the contents have been confirmed (S1707), the content list information created at S1605 of FIG. 16 is transmitted to the content reception device 300 (S1708). As described above, contents which are present on the network at inside of the residence and can be outputted to the content reception device 300 are only contents corresponding to the combinations 1401 through 1408 of the digital content output control table 1400.

On the other hand, in a case where the content reception device makes remote access from outside of the residence as a result of the determination at S1702 (for example, portable terminal 200), the combination of the digital content output control table 1400 is confirmed by referring to the digital control descriptor 1300 and the content using descriptor 1200 for respective contents by using information concerning contents stored to the recording unit 111 acquired at S1701 (S1709). It is determined whether contents can be outputted via the digital input/output terminal 114 by the combination of the digital copy control descriptor 1300 and the content using descriptor 1200. Specifically, it is determined whether the values of the digital copy control descriptor 1300 and the content using descriptor 1200 correspond to combinations 1401 through 1408 of the digital content output control table 1400 (S1710).

In a case where the values do not correspond to the combination as a result of the determination of S1710, the operation proceeds to S1714. In a case where the values correspond to the combination, it is determined whether a value of the remote access restriction mode 1206 is “1 (remote access acceptable)” (S1711).

In a case where the value of the remote access restriction mode 1206 is “other than 1” as a result of the determination at S1711, the operation proceeds to S1714. In a case where the value of the remote access restriction mode 1206 is “1”, it is determined whether time of starting measurement reaches a prescribed value by using the timer 1091 at S1510 of FIG. 15 (S1712). The prescribed value indicates, for example, the retention acceptable time 1204 of the content using descriptor 1200 or “elapse time until enabling remote access” previously set to the remote access acceptable time stored to the recording unit 110 in correspondence with contents.

In a case where the time has not reached the prescribed value as a result of the determination at S1712 (that is, remote access is not enabled), the operation proceeds to S1714. In a case where the time reaches the prescribed value, information concerning the contents is added to the contents list information transmitted to the portable terminal 200 (S1713). When it can be confirmed that all of the contents have been confirmed (S1714), the contents list information created at S1605 of FIG. 16 is transmitted to the portable terminal 200 (S1708).

The following effect is achieved by executing the procedure described above.

1) At S1702/S1703, it can be prohibited to see, hear, or reproduce a program which the content transmission device 100 can currently receive via the tuner 101 or via the internet 3 (live broadcasting or IPTV broadcasting seeing and hearing broadcasting program in real time, VOD service) by the content reception device 200 by remote access from outside of the residence.

2) At S1712, in a case where the content provision origins (5 a, 5 b) do not accept remote access to contents recorded at the recording unit 111 of the content transmission device 100 (the value of the remote access restriction mode 1206 is 0), seeing, hearing and reproducing by the content reception device 200 by remote access from outside of the residence can be prohibited.
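The list-building decision of S1701 through S1714 can be written as one function. This is an added example, not code from the patent; the `Content` fields are assumptions, and `output_permitted` stands in for "corresponds to combinations 1401 through 1408 of the digital content output control table 1400", whose entries are not reproduced here.

```python
from dataclasses import dataclass
from typing import List

# Value of the remote access restriction mode 1206 tested at S1711.
REMOTE_ACCESS_ACCEPTABLE = 1


@dataclass
class Content:
    name: str
    output_permitted: bool     # assumption: result of the table 1400 lookup
    remote_access_mode: int    # remote access restriction mode 1206
    elapsed_s: float           # time measured by the timer since recording began
    prescribed_s: float        # prescribed value compared at S1712


def build_content_list(recorded: List[Content],
                       live: List[Content],
                       requester_inside: bool) -> List[str]:
    """Return the names placed in the contents list information."""
    if requester_inside:                          # S1702: access from inside
        candidates = recorded + live              # S1701 + S1703
        return [c.name for c in candidates
                if c.output_permitted]            # S1704-S1706
    # Access from outside: programs being received in real time are never
    # considered, only contents stored to the recording unit (S1709).
    listed = []
    for c in recorded:
        if not c.output_permitted:                # S1710
            continue
        if c.remote_access_mode != REMOTE_ACCESS_ACCEPTABLE:   # S1711
            continue
        if c.elapsed_s < c.prescribed_s:          # S1712: not yet reached
            continue
        listed.append(c.name)                     # S1713
    return listed


# Constructed sample data, not taken from the patent.
RECORDED = [
    Content("drama", True, 1, 7200, 3600),    # passes every remote check
    Content("news", True, 0, 7200, 3600),     # remote access not accepted
    Content("movie", False, 1, 7200, 3600),   # output not permitted at all
    Content("match", True, 1, 600, 3600),     # prescribed time not reached
    Content("quiz", True, 1, 3600, 3600),     # reaches the value exactly
]
LIVE = [Content("live-channel", True, 1, 0, 0)]
```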

9. Packet Filtering and Packet Reception Using TTL

An explanation will be given of a packet filtering processing and a packet reception processing using TTL in reference to FIG. 19 through FIG. 24 as follows.

FIG. 19 shows a configuration example of threshold information 1900 storing various thresholds and set values which the device authentication processing unit 108 uses. The threshold information 1900 is configured by a TTL table 1910 and an intra-residential confirmation threshold table 1920.

The TTL table 1910 is configured by an intra-residential restriction TTL value 1911 and an extra-residential transmission TTL set value 1912.

The intra-residential restriction TTL value 1911 indicates a value of TTL set to a packet transmitted by the content transmission device and the content reception device in an authentication processing when the content transmission device transmits contents to the content reception device in the same residence, and when an extra-residential access device is registered.

A value of the intra-residential restriction TTL value 1911 is used also as a threshold for determining whether the received packet is a packet transmitted from outside of the residence, in the authentication processing when the content transmission device transmits contents to the content reception device in the same residence, and when a device is registered for an extra-residential access.

The extra-residential transmission TTL set value 1912 is used as a value set to a packet which the content transmission device and the content reception device transmit in the extra-residential access device authentication. The extra-residential transmission TTL set value 1912 is made to be a value larger than the intra-residential restriction TTL value 1911.

Here, TTL is a value representing an effective period of a packet, and the value is decremented by 1 each time the packet passes through a router or the like. A packet whose TTL becomes 0 is abandoned at that time point. Therefore, packet transfer to outside of the residence can be prevented by setting TTL to a sufficiently small value.

The intra-residential confirmation threshold table 1920 is configured by an intra-residential confirmation time out value (T) 1921 and an extra-residential registration intra-residential confirmation time out value (T′) 8202.

The intra-residential confirmation time out value (T) 1921 is used for a determination for confirming that the content reception device is present in the same residence in the device authentication processing when the content transmission device transmits contents to the content reception device.

The extra-residential registration intra-residential confirmation time out value (T′) 8202 is used for a determination for confirming that the content reception device to be registered is present in the same residence in an extra-residential access device registration processing. An intra-residential confirmation can be carried out more strictly concerning a device for executing an extra-residential access in an authentication processing by setting the extra-residential registration intra-residential confirmation time out value (T′) 8202 smaller than the intra-residential confirmation time out value (T) 1921.

FIG. 20 shows a configuration example of a transmission data in a case of transmitting contents by using HTTP protocol in the encrypted content transmission processing S1610 of the content audio-visual processing procedure at inside of the residence S1600, and the encrypted content transmission processing S1810 of the content audio-visual processing procedure S1800 from outside of residence S1800. Here, although TCP is used as a transport layer protocol, TCP header is omitted.

A transmission data 2000 in a case of transmitting contents by using the HTTP protocol is configured by an HTTP header 2001 and a content transmission packet 2002.

The content transmission packet 2002 is configured by a header portion 20021 and a payload portion 20022.

The header portion 20021 is configured by Type 200211, a reservation region (Reserved) 200212, an encryption system (C_A) 200213, an encryption mode (E-EMI) 200214, an exchange key label (Exchange_Key_Label) 200215, copy control information (PCP-UR) 200216, a random number value (SNc) 200217, and a payload size (Byte Length of Payload) 200218.

Type 200211 sets a fixed value for identifying a kind of the content transmission packet 2002.

The reservation region (Reserved) 200212 is a reservation region and 0 is set thereto.

The encryption system (C_A) 200213 indicates an encryption system of the payload portion. For example, the encryption system explicitly indicates that encryption is executed by AES having a key length of 128 bits.

The encryption mode (E-EMI) 200214 indicates an encryption mode of the payload portion, and is used for calculating a content key in combination with the copy control information (PCP-UR) 200216, and the random number value (SNc) 20017.

The exchange key label (Exchange_Key_Label) 200215 sets a label of specifying a key exchanged in the authentication procedure 600.

The copy control information (PCP-UR) 200216 indicates copy control information of the payload portion, and is configured by a copy control information mode (UR Mode) representing a kind of the copy control information, a content type (Content Type) representing a kind of the payload portion, APS for executing an analog output restriction, and ICT for executing resolution restriction.

The payload size (Byte Length of Content) 200218 sets a size of the payload portion 17022 of the content transmission packet 1702. The payload portion 17022 is configured by encrypted contents.

For example, also in a case of transmitting contents by using RTP protocol, contents can be transmitted by a configuration similar to that of FIG. 20 by substituting the HTTP header 2001 for an RTP header. Or, the copy control information can firmly be transmitted when both of the RTP header and the content transmission packet 2002 are stored for each RTP packet.

FIG. 21 shows a configuration example of a packet monitoring table 2100 used in a case where filtering by TTL is executed for each port number at the communication processing unit of the content transmission device.

The packet monitoring table 2100 is configured by ID 2101, a port number 2102, and a TTL restriction 2103. ID 2101 indicates a registration number of the table. The port number 2102 indicates a destination port number of a received packet of TCP or UDP of a monitoring object.

The TTL restriction 2103 indicates an upper limit value of TTL in a filtering processing applied to a packet received by a port set to the port number 2102. The value ranges from 0 to 255; in a case of 0, the TTL restriction, that is, the filtering, is not executed. For example, a record 2111 in which a value of ID 2101 in FIG. 21 is 1 indicates that, in a case where the port number is 53219, the received packet is abandoned when the TTL value of the received packet is larger than 3.

A record 2112 in which the value of ID 2101 is 2 indicates that filtering by the received packet TTL value is not executed in a case where the destination port number of the received packet is 53220. Each record of the table may statically be registered or dynamically registered when used.

FIG. 22 shows an example of a flow of a packet filtering processing S2200 in a case of executing filtering by TTL for each port number.

First, the communication processing unit 113 of the content transmission device 100 acquires a destination port number of a received packet (S2201).

Next, the communication processing unit 113 confirms a registered record of the packet monitoring table 2100 (S2202). In a case where a record of port number 2102 the same as the destination port number of the received packet is not present at the packet monitoring table 2100 (No of S2203), the communication processing unit 113 abandons the received packet (S2204), and finishes the processing.

On the other hand, in a case where the record of the port number 2102 the same as the destination port number of the received packet is present in the packet monitoring table 2100 (Yes of S2203), the communication processing unit 113 compares a TTL value of the received packet and a value of the TTL restriction 2103 set to the record of the port number 2102 the same as the port number of the received packet, abandons the received packet (S2204) and finishes the processing in a case where the TTL value of the received packet is larger than the TTL restriction 2103 of the record (No of S2205).

On the other hand, in a case where the TTL value of the received packet is equal to or less than the TTL restriction 2103 of the record or the value of the TTL restriction 2103 of the record is 0 (Yes of S2205), the communication processing unit 113 processes the received packet (S2206) and finishes the processing.

As described above, ports are classified for access at inside of the residence and access from outside of the residence by setting the restriction value of TTL for each port by using the packet monitoring table and executing filtering of packet in accordance with a set content, and the filtering processing of the packet in accordance with each port can be executed. That is, in access from inside of the residence, filtering can be carried out by monitoring TTL, and in accessing from outside of the residence, filtering can be prevented from being executed.

FIG. 23 shows a configuration example of a connection management table 2300 used in a case where the device authentication processing unit 108 of the content transmission device 100 executes filtering of a device authentication processing packet by TTL for each TCP connection.

The connection management table 2300 is configured by ID 2301, a socket descriptor 2302, and TTL restriction 2303. ID 2301 indicates a registration number of the table. The socket descriptor 2302 is an identifier for uniquely identifying TCP connection at the content transmission device.

The TTL restriction 2303 indicates an upper limit value of TTL in the filtering processing which is applied to the device authentication processing packet received on the TCP connection indicated by the socket descriptor 2302. The value ranges from 0 to 255; a value of 0 indicates that the TTL restriction, that is, the filtering, is not executed. For example, a record 9211 in which a value of ID 2301 is 1 in FIG. 23 indicates that, in a case of a connection in which the value of the socket descriptor 2302 is 2, the device authentication processing packet is abandoned when the TTL value of the received packet is larger than 3.

A record 2312 in which the value of ID 2301 is 2 indicates that filtering by a TTL value of the received device authentication processing packet is not executed in a case of a connection in which the value of the socket descriptor 2302 is 4. A record 9213 in which the value of ID 2301 is 3 indicates that a connection is established, the record is only newly registered, and TTL restriction 2303 is not set yet in a case of a connection in which the value of the socket descriptor 2302 is 6. That is, the record is registered to the table at a time point of establishing the connection.

FIG. 24 shows an example of a procedure of a packet reception processing S2400 in a case where filtering of a device authentication processing packet is executed by using the connection management table.

First, the device authentication processing unit 108 of the content transmission device 100 receives a device authentication processing packet via the communication processing unit 113 (S2401). Next, the device authentication processing unit 108 confirms the connection management table (S2402), and confirms whether the TTL restriction value is registered to a record in correspondence with a value of the socket descriptor receiving the received packet (S2403).

In a case where the TTL restriction value is set to the record (Yes of S2403), the device authentication processing unit 208 confirms whether the TTL value of the received packet is equal to or less than the TTL restriction value, or the set TTL restriction value is 0 (S2408). In a case where the TTL value of the received packet is equal to or less than the set TTL restriction value, or the set TTL restriction value is 0 (Yes of S2408), the device authentication processing unit 108 of the content transmission device 100 processes the received packet in accordance with the kind of packet (S2409), and finishes the processing.

On the other hand, in a case where the TTL value of the received packet is larger than the set TTL restriction value (No of S2408), the device authentication processing unit 108 abandons the received packet (S2410) and finishes the processing.

On the other hand, in a case where the TTL restriction value is not set to the record yet (No of S2403), the device authentication processing unit 108 of the content transmission device 100 confirms the kind of the received packet (S2404). In a case where the received packet is an extra-residential authentication start request issued at S1101 of FIG. 11 (Yes of S2405), the device authentication processing unit 108 sets 0 to the TTL restriction 2303 of the record of the connection management table 2300 (S2407).

On the other hand, in a case where the received packet is not the extra-residential authentication start request issued at S1101 of FIG. 11 (No of S2405), the device authentication processing unit 108 sets 3 to the TTL restriction 2303 of the record of the connection management table 2300 (S2406), and executes processings at S2408 and thereafter.

As described above, the restriction by TTL can be executed respectively in accordance with the access from inside of the residence and the access from the outside of the residence by setting the TTL restriction value in accordance with the kind of the device authentication processing packet which is received first by using the connection management table. That is, in accessing from inside of the residence, the received device authentication processing packet is filtered by monitoring TTL, and in accessing from outside of the residence, the received device authentication processing packet is not filtered.

Monitoring of TTL can be stopped and the TTL value set to the transmitted device authentication processing packet can be changed in the processings thereafter at the content transmission device by changing the TTL restriction for each connection and notifying explicitly the extra-residential authentication start by transmitting the extra-residential authentication start request in starting the extra-residential authentication by the procedure described above. As a result, authentication of a device and sharing of the authentication key can be executed by using the authentication request and the authentication response used at the ordinary authentication processing S600.

Although according to the embodiment, the kind of the received packet is used for presence or absence of the restriction by TTL, presence or absence of the restriction may be determined by the port number of transmitting and receiving the packet by using the table and the procedure shown in FIG. 21 and FIG. 22. In a case where presence or absence of the restriction is determined by the port number, it is not necessary to transmit and receive the extra-residential authentication start request, and therefore, the authentication processing can swiftly be started.
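The two filtering procedures, per destination port (S2200, FIG. 22) and per TCP connection (S2400, FIG. 24), are shown side by side in the following added example, which is not code from the patent. The class names, the packet-kind label `EXTRA_AUTH_START` and the "process"/"abandon" return strings are assumptions; the ports, socket descriptors and limits are the ones quoted for FIG. 21 and FIG. 23.

```python
from typing import Dict, List, Optional, Tuple

NO_FILTER = 0        # a TTL restriction of 0 means filtering is not executed
INTRA_TTL_LIMIT = 3  # value set at S2406, also the limit of record 2111
# Hypothetical label for the extra-residential authentication start request.
EXTRA_AUTH_START = "extra_residential_auth_start"


def ttl_passes(packet_ttl: int, restriction: int) -> bool:
    """Comparison shared by S2205 and S2408."""
    for value in (packet_ttl, restriction):
        if not 0 <= value <= 255:
            raise ValueError(f"TTL field out of range: {value}")
    return restriction == NO_FILTER or packet_ttl <= restriction


class PacketMonitoringTable:
    """Packet monitoring table 2100: destination port -> TTL restriction."""

    def __init__(self, records: Dict[int, int]) -> None:
        self.records = dict(records)

    def filter(self, dst_port: int, packet_ttl: int) -> str:
        restriction = self.records.get(dst_port)       # S2201-S2202
        if restriction is None:                        # No of S2203
            return "abandon"                           # S2204
        if ttl_passes(packet_ttl, restriction):        # S2205
            return "process"                           # S2206
        return "abandon"                               # S2204


class ConnectionManagementTable:
    """Connection management table 2300: socket descriptor -> TTL restriction."""

    def __init__(self) -> None:
        self.records: Dict[int, Optional[int]] = {}

    def on_connect(self, sock: int) -> None:
        # The record is registered when the connection is established,
        # with the TTL restriction not yet set (the record with ID 3).
        self.records[sock] = None

    def receive(self, sock: int, kind: str, packet_ttl: int) -> str:
        if sock not in self.records:
            raise KeyError(f"no record for socket descriptor {sock}")
        if self.records[sock] is None:                 # No of S2403
            if kind == EXTRA_AUTH_START:               # S2404-S2405
                self.records[sock] = NO_FILTER         # S2407
            else:
                self.records[sock] = INTRA_TTL_LIMIT   # S2406
        # Assumption: the S2407 branch also continues to S2408; the text
        # states this explicitly only for the S2406 branch.
        if ttl_passes(packet_ttl, self.records[sock]):  # S2408
            return "process"                           # S2409
        return "abandon"                               # S2410


def demo() -> List[Tuple[str, str]]:
    """Run constructed packets through both tables and collect the verdicts."""
    ports = PacketMonitoringTable({53219: 3, 53220: 0})  # records 2111, 2112
    conns = ConnectionManagementTable()
    conns.on_connect(6)
    conns.on_connect(4)
    return [
        ("port 53219, ttl 3", ports.filter(53219, 3)),
        ("port 53219, ttl 4", ports.filter(53219, 4)),
        ("port 53220, ttl 64", ports.filter(53220, 64)),
        ("port 8080, ttl 1", ports.filter(8080, 1)),
        ("sock 6, ordinary request, ttl 64",
         conns.receive(6, "auth_request", 64)),
        ("sock 6, start request after limit was set, ttl 64",
         conns.receive(6, EXTRA_AUTH_START, 64)),
        ("sock 4, start request first, ttl 64",
         conns.receive(4, EXTRA_AUTH_START, 64)),
        ("sock 4, later request, ttl 200",
         conns.receive(4, "auth_request", 200)),
    ]


if __name__ == "__main__":
    for label, verdict in demo():
        print(f"{label}: {verdict}")
```

Because the restriction is written once, on the first packet received on a connection, every later packet on that socket descriptor is judged against that value.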

As described above, according to the embodiment, the content provision origin can restrict use by remote access to the delivered contents by installing the remote access restriction mode 1206 to the content using descriptor 1200.

In a case where the value of the remote access restriction mode 1206 of contents received from the content provision origin is “restrict remote access (unacceptable)”, an illegal remote access to contents can easily be restricted by enabling recording only by record media included in the device receiving the contents and prohibiting recording to other recording device.

In a case where a value of the remote access restriction mode 1206 of contents stored to record media is “remote access is restricted (unacceptable)”, an audio-visual operation is enabled only for a reproducing device connected to a network at inside of the residence, and the contents are not outputted to a reproducing device which is remotely accessed from outside of the residence. Thereby, use by remote access set by the content provision origin can be restricted also with regard to stored contents.

In a case where a value of the remote access restriction mode 1206 of contents received from the content provision origin is “remote access is not restricted (acceptable)”, time measurement is started by using a timer simultaneously with starting to record to record media. Remote access to the contents is accepted only after the measurement time elapses for prescribed time. Thereby, remote access to contents of a live broadcasting program which is seen and heard in real time can easily be restricted.

As described above, according to the embodiment, in a case where encrypted contents are transmitted to a content reception device, in a case where the contents are a live broadcasting or VOD (Video On Demand), the contents are not delivered to a content reception device at outside of a residence. It is determined whether remote access to the contents is accepted by referring to an identifier for identifying remote access possible/impossible added to the content provision origin (broadcasting station or content delivery provider, etc.). As a result, concerning contents remote access of which is not accepted, delivery is accepted to “audio-visual operation for content reception device at inside of a residence”, and “recording to record media included in own device (that is, content transmission device) along with the identifier” is accepted. On the other hand, in a case where the contents are recorded to record media, the identifier added to the contents is referred, and contents remote access of which is accepted is delivered to a content reception at outside of the residence. Contents remote access of which is not accepted is made to be able to be delivered only to a reception device at inside of a residence. Contents at inside of a residence can be seen and heard when a content reception device executes a device registration processing for an extra-residential access previously with a content transmission device at inside of a residence, and the content reception device succeeding the processing executes a device authentication processing exclusive for outside of the residence from the outside of the residence. Thereby, a normal user can see and hear contents at inside of the residence from outside of the residence without exceeding a range of personal use, and a convenience of the user is improved.

Second Embodiment

Next, an explanation will be given of second embodiment of the present invention.

FIG. 26 shows a system configuration example of the embodiment. A difference from first embodiment resides in that at the user residence 1, the content transmission device 100 and the content reception device 300 explained in first embodiment, are connected to a VPN (Virtual Private Network) corresponding router 2600 by a cable of wired LAN and a change point accompanied therewith explained below. A system configuration or processing which is not particularly explained below is common to that of first embodiment so far as not conflicting with a technology of second embodiment.

The VPN corresponding router 2600 is connected to the internet 3 via a modem or an optical/electrical converter. The content transmission device 100 and the content reception device 300 can receive contents delivered from the content provision origins (5 a, 5 b) via the antenna 10 or via the internet 3 similar to first embodiment. At the going out destination 2 of the user, the portable terminal 300 of the user can be communicated with the wireless access point 23 and can be connected to the internet 3 via the router 22 similar to first embodiment.

Here, the VPN corresponding router 2600 is a configuration device for realizing a VPN function enabling communication between key points remote from each other or an access from PC at outside of a company to a server at inside of the company by using a general communication network of the Internet or the like in place of an exclusive communication line. Although VPN respectively uses a security protocol of IPsec, SSL (Secure Sockets Layer)/TLS (Transport Layer Security), PPTP (Point to Point Tunneling Protocol), or L2TP (Layer 2 Tunneling Protocol) in accordance with a mode of use, in the present embodiment, VPN is not limited to use any of these.

The VPN corresponding router 2600 is allocated with a global IP address (used on WAN side) from ISP (Internet Services Provider) to which a user of the user residence 1 subscribes. The VPN corresponding router 2600 allocates private IP addresses to the content transmission device 100 and the content reception device 300 of the user residence 1 by using a DHCP server function provided to the VPN corresponding router 2600 per se similar to first embodiment. In a case of accessing to the content transmission device 100 or the content reception device 300 of the user residence 1 from a portable terminal 2620, the global IP address is used. It is general to allocate the IP address dynamically by ISP, and therefore, there is a possibility of being updated by ISP. Hence, the VPN corresponding router includes a DDNS client function for registering to DDNS server at each time of updating the global IP address. A DDNS server 2601 used by the user of the user residence 1 is connected to the internet 3.

FIG. 27 shows a configuration example of the portable terminal (content reception device) 2610 used in the embodiment.

The portable terminal 2610 is configured by the tuner 101, the demultiplexer 103, the decoder 104, the display unit/speaker 105, the input processing unit 107, the device authentication processing unit 108, the device information management unit 109, the recording/reproducing processing unit 110, the memory 111, the time management unit 120, the camera image taking unit 201, the communication processing unit 113, a wireless communication processing unit 203, the VPN communication processing unit 2701, and the control unit 115.

The communication processing unit 113 is a portion of transmitting/receiving contents or control commands to/from other device via the wireless communication processing unit 203 via the wireless access point 23. The communication processing unit 113 includes the encryption/decryption processing unit 112, and encrypts/decrypts transmitting/receiving contents in conformity with a prescribed protocol (for example, DTCP-IP or Marlin, etc.) which the content provision origins 5 a, 5 b define/operate.

The VPN communication processing unit 2701 is a portion of establishing a secure tunnel (tunnel) with the VPN corresponding router 2600 of the user residence 1. The secure connection is established on the internet 3 in order to safely execute transmission/reception between, for example, “the communication processing unit 113 of the portable terminal 2610 of the going out destination 2” and “the communication processing unit 113 of the content transmission device 100 at the user residence 1” without altering contents or control commands. The VPN communication processing unit 2701 includes an encryption/decryption processing unit 2702, executes authentication with the VPN corresponding router 2600 in conformity with a VPN protocol used (for example, IPsec, PPTP, etc.), and encrypts/decrypts the contents (for example, contents encrypted by DTCP-IP) or control commands (for example, authentication information of DTCP-IP).

The wireless communication processing unit 203 is a portion of transmitting/receiving frames to/from the wireless access point 23 or other AV device connected by a wireless network. For example, there is IEEE802.11a/b/g/n or 3G. The wireless communication processing unit 203 includes an encryption/decryption processing unit 202, and encrypts/decrypts a packet transmitted/received by the VPN communication processing unit 2701 as necessary.

The other portions are similar to those of portable terminal 200 described in the first embodiment.

FIG. 28 shows an example of an extra-residential access device registration processing sequence executed between the content transmission device 100 at inside of the user residence 1 and the portable terminal (content reception device) 2610 present in the system configuration shown in FIG. 26. In FIG. 28, the portable terminal (content reception device) 2610 becomes an extra-residential access device.

It is necessary for executing the procedure to execute beforehand a setting processing (S2801) for using a DDNS function, and a setting processing (S2802) for using a VPN server function at the VPN corresponding router 2600.

In the setting processing of the DDNS function, information of a DDNS server 2601 used, a domain name, a user name, and a password registered to the DDNS server 2601, a global IP address, an updating period of the global IP address allocated from ISP are set.

In the setting processing of the VPN server function, a kind of a VPN protocol used or an authentication system is set.

Assume that the portable terminal (content reception device) 2610 is present at inside of the user residence 1 in executing the procedure. The content transmission device 100 and the portable terminal 2610 monitor TTL of a received packet, and prevent an access to the user residence 1 from outside by abandoning a packet set with a value of TTL exceeding the intra-residential restriction TTL value 1911 of the TTL table 1910 shown in FIG. 19. For that purpose, the content transmission device 100 and the portable terminal 2610 set TTL of a transmitted packet to be equal to or less than the intra-residential restriction TTL value 1911 of the TTL table 1910.

First, when a user connects the content transmission device 100 to a network at inside of the user residence 1, the control unit 115 of the content transmission device 100 acquires a private IP address from the VPN corresponding router 2600, thereafter, transmits a network participation notice to all of devices (the VPN corresponding router 2600, the portable terminal 2610, the content reception device 300) in FIG. 26 on the network (S2803).

When the control unit 115 of the portable terminal 2610 receives the network participation notice from the content transmission device 100 via the wireless communication processing unit 203 and the communication processing unit 113, the control unit 115 of the portable terminal 2620 issues a device information acquiring request to the content transmission device 100 (S2804). In correspondence therewith, the control unit 115 of the content transmission device 100 returns device information including a device kind of its own (for example, media server, media client), and a function of its own (for example, a content delivery function, a remote access function, an MOVE function) to the portable terminal 2610 (S2805).

The control unit 115 of the portable terminal 2610 acquiring the device information of the content transmission device 100 confirms whether information indicating whether the content transmission device 100 supports the remote access function is included in the device information. In a case where the content transmission device 100 does not support the remote access function, the control unit 115 does not execute processings thereafter. In a case where the content transmission device 100 supports the remote access function, the control unit 115 of the portable terminal 2610 determines whether the own device is registered to the content transmission device 100 by an instruction of a user or the own device per se (S2806).

In a case where it is determined that the portable terminal 2610 is registered to the content transmission device 100, the extra-residential access device registration processing (S700) explained in reference to FIG. 7 is executed between the device authentication processing unit 108 of the portable terminal 2610 and the device authentication processing unit 108 of the content transmission device 100.

When the VPN corresponding router 2600 receives the network participation notice from the control unit 115 of the content transmission device 100 at S2803, the VPN corresponding router 2600 transmits the device information acquisition request to the content transmission device 100 similar to S2804 of the portable terminal 2610 (S2807). The VPN corresponding router 2600 receives device information concerning the content transmission device 100 from the control unit 115 of the content transmission device 100 similar to S2805 (S2808). Timings of executing S2807 and S2808 are not limited to the timings, but S2807/S2808 may be executed prior to S2804/S2805, or in parallel therewith.

The control unit 115 of the content transmission device 100 registering the portable terminal 2610 to the device information management unit 109 as an extra-residential access device similar to first embodiment at S700 issues an information acquisition request concerning DDNS service to the VPN corresponding router 2600 via the communication processing unit 113 (S2809).

In correspondence therewith, the VPN corresponding router 2600 transmits information including URL (for example, http://AAA.BBB/) registered to the DDNS server 2601 set beforehand at S2801 and the port number to the content transmission device 100 (S2810).

The control unit 115 of the content transmission device 100 confirms whether URL of the own device has already been registered in reference to information acquired at S2810. In a case where URL of the own device has not been registered, the control unit 115 of the content transmission device 100 creates/holds URL (for example, http://AAA.BBB/CCC) for accessing to the own device from outside of the residence by using information acquired at S2810, and issues a request for setting information including the URL and the port number used to the VPN corresponding router 2600 (S2811).

In correspondence therewith, the VPN corresponding router 2600 registers the URL and the device information acquired at S2807 in relation to each other and notifies the registration (S2812).

Here, the control unit 115 of the content transmission device 100 may not execute S2811/S2812 in a case of using the URL information acquired from the VPN corresponding router 2600 as it is at S2809/S2810. The URL created at S2811 may be a description in accordance with a prescribed rule, for example, <URL acquired from the VPN corresponding router 2600>/<ID of the content transmission device 100>.

There may be used a method in which the VPN corresponding router 2600 creates URL for the content transmission device 100 after S2807/S2808, and sets the URL to the content transmission device 100 in place of S2809 through S2812.

The control unit 115 of the content transmission device 100 holding URL information at S2811/S2812 described above transmits information of whether the own device is opened (displayed) to an extra access device or a request for setting remote access restriction information including folder information opened to the public to the VPN corresponding router 2600 (S2813). In correspondence therewith, the VPN corresponding router 2600 registers the remote access restriction information in relation to the device information acquired at S2807, or URL acquired at S2809, and notifies the registration (S2814).

On the other hand, the control unit 115 of the portable terminal 2610 transmits a request for acquiring information of URL or the port number for accessing to the content transmission device 100 from outside of the residence to the control unit 115 of the content transmission device 100 when the registration of the own device to the device information management unit 109 of the content transmission device 100 is succeeded at S700 (S2815).

In correspondence therewith, the control unit 115 of the content transmission device 100 transmits URL held at S2811 (URL created by the own device or URL allocated from the VPN corresponding router 2600) and the port number used to the VPN corresponding router 2600 (S2816).

Here, the control unit 115 of the content transmission device 100 may notify the URL and the port number to the control unit 115 of the portable terminal 2610 after succeeding S700 in place of S2815/S2816 described above.

FIG. 29 shows an example of a processing sequence in a case where the portable terminal 2610 executing the device registration to the content transmission device 100 by using the device registration processing procedure S2800 shown in FIG. 28 is taken out to outside of the residence, and a broadcasting program inputted from the going out destination 2 to the content transmission device 100 via the tuner 101 or contents stored to the recording unit 111 are seen and heard with the system configuration shown in FIG. 26.

Prior to the processing procedure, the portable terminal 2610 sets to use a VPN client function for establishing secure tunneling with the VPN corresponding router 2600 previously at the user residence 1 or the going out destination 2 (S2901). Specifically, the new URL or the port number acquired at S2800 shown in FIG. 28 is registered to the VPN communication processing unit 2701 by an instruction of the user or the control unit 115 of the portable terminal 2610. The portable terminal 2610 registers a user name or a password registered to the DDNS server 2601 by using the input processing unit 107 to the VPN communication processing unit 2701.

When the user instructs to see and hear contents by using the input processing unit 107 of the portable terminal 261 at the going out destination 2, the control unit 115 of the portable terminal 2610 displays the content transmission device list on the display unit/speaker 105. The content transmission device list displays the content transmission device 100 which is a device registered to the extra-residential access information table 60000 held by the device information management unit 109.

Next, when the user selects the content transmission device 100 from the list of content transmission devices by using the input processing unit 107, the control unit 115 of the portable terminal 2610 refers to URL of the content transmission device 100 registered to the extra-residential access information table 60000, and transmits a request for acquiring the global IP address indicated by the URL to the DDNS server 2601 from the wireless access point 23, and the router 22 of the going out destination 2 via the wireless communication processing unit 203 via the Internet 3 (S2902). In correspondence therewith, the DDNS server 2601 confirms whether URL is registered, and transmits the global IP address to the portable terminal 2610 in a case of the registration (S2903). Here, the portable terminal 2610 may not display the list of content transmission devices, but the user may input URL of the content transmission device 100 via the input processing unit 107 or may designate URL attached with a bookmark, and the content reception device 200 may access to the content transmission device 100 based on the inputted information.

The control unit 115 of the portable terminal 2610 acquiring the global IP address allocated to the VPN corresponding router 2600 of the user residence 1 instructs to establish a secure channel with the VPN corresponding router 2600. The VPN communication processing unit 2701 establishes VPN connection with the VPN corresponding router 2600 indicated by the global IP address by using the user name/password registered to the VPN communication processing unit by the VPN client setting in accordance with the VPN protocol used and notifies the result to the control unit 115 (S2904). After establishing the VPN connection, information exchanged between the portable terminal 2610 and the VPN corresponding router 2600 is safely protected by an encryption. That is, in a case where the portable terminal 2610 transmits information of control data or contents to the content transmission device 100 via the VPN corresponding router 2600, the information is encrypted by the encryption/decryption processing unit 2702 of the VPN communication processing unit 2701, and transmitted onto the communication channel established at S2904 via the wireless communication processing unit 203.

The VPN corresponding router 2600 receiving the encrypted information decodes the information, thereafter, executes routing to the content transmission device 100. In a case where the content transmission device 100 transmits information of control data or contents to the portable terminal 2610 via the VPN corresponding router 2600, the content transmission device 100 transmits the information of control data or contents to the VPN corresponding router 2600 via the communication processing unit 113. The VPN corresponding router 2600 encrypts the information to transmit onto the communication channel established at S2904. The VPN communication processing unit 2701 of the portable terminal 2610 receiving the encrypted information via the wireless communication processing unit 203 decodes the information at the encryption/decryption processing unit 2702 to deliver to the communication processing unit 113.

The portable terminal 2610 can use the private IP address (192.168.10.6 in FIG. 29) used at the user residence 1 for communicating with the content transmission device 100 as it is.

The control unit 115 of the portable terminal 2610 issues a request for acquiring information of a device connected to the user residence 1 to the VPN corresponding router 2600 on the secure communication channel established at S2904 (S2905). In correspondence therewith, the VPN corresponding router 2600 transmits connection device information in the user residence 1 held by its own (content transmission device 100, content reception device 300 in FIG. 26) to the portable terminal 2610 (S2906). Similarly, the VPN corresponding router 2600 issues a request for acquiring device information held by the portable terminal 2610 to the portable terminal 2610 (S2907). In correspondence therewith, the control unit 115 of the portable terminal 2610 transmits the device information of its own to the VPN corresponding router 2600 (S2908). Here, a processing order of S2905/S2906, S2907/S2908 is not limited thereto.

The VPN corresponding router 2600 acquiring the device information of the portable terminal 2610 at the going out destination 2 at S2906 transmits a network participation notice of the portable terminal 2610 to the content transmission device 100 at inside of the user residence 1 (S2909). The participation notice may be broadcast to all of connection devices (content transmission device 100, content reception device 300) at inside of the user residence 1.

The control unit 115 of the content transmission device 100 receiving the network participation notice of the portable terminal 2610 (actually notified by the VPN corresponding router 2600 as a deputy) issues a request for acquiring device information concerning the portable terminal 2610 (S2910). The VPN corresponding router 2600 receiving the request for acquiring the device information transmits the device information of the portable terminal 2610 acquired at S2908 to the content transmission device 100 as the deputy of the portable terminal 2610 (S2911). Thereby, the control unit 115 of the content transmission device 100 can recognize that the portable terminal 2610 at the going out destination 2 is connected, and is brought into a communicatable state within a range of the private IP address used at the user residence 1.

Here, the control unit 115 of the content transmission device 100 needs to determine whether the portable terminal 2610 makes access from inside of the residence, or makes access from outside of the residence in order not to output a live broadcasting program or contents remote access of which is restricted by the content provision origins 5 a, 5 b to outside of the residence as shown in S1502 of FIG. 15 and S1702 of FIG. 17. According to the embodiment, the IP address of the portable terminal 2610 accessed from the going out destination 2 is within the range of the private IP address used at the user residence 1, and therefore, the content transmission device 100 cannot determine inside of the residence or outside of the residence by a value of the IP address.

Hence, the control unit 115 of the content transmission device 100 determines whether the portable terminal 2610 makes access from inside of the residence or makes access from outside of the residence by using any method of (1) a method of adding information indicating that the portable terminal 2610 makes access from outside of the residence in the network participation notice issued by the VPN corresponding router 2600 at S2909 described above, (2) a method of regarding that all of the network participation notices issued by the VPN corresponding router 2600 are accesses from outside of the residence, and (3) a method of adding information indicating that the portable terminal 2610 makes access from outside of the residence in the device information response returned by the VPN corresponding router 2600 at S2911 described above.

The control unit 115 of the portable terminal 2610 confirming that the portable terminal 2610 is brought into a communicatable state with the content transmission device 100 at inside of the user residence 1 at S2908 described above transmits a request for acquiring content information to the content transmission device 100 (S2912).

The control unit 115 of the content transmission device 100 creates contents list information (for example, title, date, copy control information, recording time) concerning a portion or all of contents stored to the recording unit 111 except a live broadcasting program or IP delivery contents which the own device is receiving by the tuner 101 in view of the fact that the portable terminal 2610 which is a request origin makes access from outside of the residence by using the procedure of creating content list information shown in FIG. 17 (S2913) to transmit to the content reception device 200 (S2914).

The control unit 115 of the portable terminal 2610 displays received content information on the display unit/speaker 105 as a list of contents. When the user designates contents intended to see and hear from the list of contents via the input processing unit 107 (S2915), the device authentication processing unit 108 of the portable terminal 2610 executes the extra-residential access device authentication processing S1100 with the device authentication processing unit 108 of the content transmission device 100.

In a case where the extra-residential access device authentication processing is succeeded, and an extra-residential exchange key necessary for encrypting/decrypting contents can be shared between the device authentication processing unit 108 of the portable terminal 2610 and the device authentication processing unit 108 of the content transmission device 100, the control unit 115 of the portable terminal 2610 transmits a request for seeing and hearing desired contents to the content transmission device 100 (S2916). At that occasion, the request for seeing and hearing contents may be added with ID for identifying the extra-residential exchange key received at the extra-residential access device authentication processing S1100.

The control unit 115 of the content transmission device 100 transmits contents encrypted by the encryption/decryption processing unit 112 to the portable terminal 2610 via the VPN corresponding router 2600 by using the key shared at S1100 in correspondence with the request for seeing and hearing contents (S2917). In a case where the value of the extra-residential simultaneous access number 5322 reaches the extra-residential simultaneous access maximum number 5106 by using the extra-residential device information table 5300 shown in FIG. 5, a response rejecting the request for seeing and hearing contents can also be returned. The VPN corresponding router 2600 subjects the encrypted contents further to an encryption for the VPN connection, and pertinently adds the header information or information for error check to transmit to a secure channel established at S2904 described above.

The VPN communication processing unit 2701 of the portable terminal 2610 decrypts the encryption executed by the VPN corresponding router 2600 by using the encryption/decryption processing unit 2702 concerning encrypted contents received via the wireless communication processing unit 203 to deliver to the communication processing unit 113. The device authentication processing unit 108 of the portable terminal 2610 creates a common key for decrypting contents by using the extra-residential exchange key shared at S1100, and sets the common key to the encryption/decryption processing unit 112. The VPN communication processing unit 2701 of the portable terminal 2610 decrypts the encrypted contents outputted from the VPN communication processing unit 2701 by the encryption/decryption processing unit 112. The VPN communication processing unit 2701 of the portable terminal 2610 outputs the decrypted contents to the display unit/speaker 105 while decoding by the decoder 104.

As described above, according to the embodiment, contents can safely be used by remote access by establishing the secure tunnel (VPN connection) on the internet 3 at outside of the residence and inside of the residence, and thereafter exchanging contents and control commands. The content provision origin can restrict use by remote access to contents delivered thereby by identifying whether an access is made from either of outside of residence/inside of residence even in a mode in which a remote access device accessing from outside of the residence uses the private IP address.
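The inside/outside determination and the resulting output control can be sketched as follows. This Python example is added here for illustration and is not part of the specification or of any product code; the class and field names, the 192.168.10.0/24 subnet and the sample library are assumptions constructed for the example. It shows why an address-range check classifies a VPN-connected terminal as intra-residential, how each of methods (1) to (3) corrects that, and how the result gates the content list and the viewing request.

```python
from dataclasses import dataclass
from enum import Enum
from ipaddress import ip_address, ip_network
from typing import List

# Assumed residence subnet; the description only shows the address 192.168.10.6.
HOME_NET = ip_network("192.168.10.0/24")


class Location(Enum):
    INSIDE = "inside of the residence"
    OUTSIDE = "outside of the residence"


@dataclass(frozen=True)
class Notice:
    """What the transmission device learns at S2909 (notice) and S2911 (device info)."""
    source_ip: str
    issued_by_vpn_router: bool         # router sent the notice as deputy for the terminal
    notice_remote_flag: bool = False   # method (1): marker carried in the notice
    devinfo_remote_flag: bool = False  # method (3): marker carried in the S2911 response


@dataclass(frozen=True)
class Content:
    title: str
    being_received: bool          # live broadcast or IP delivery currently being received
    remote_access_accepted: bool  # identifier set by the content provision origin


def classify_by_ip(n: Notice) -> Location:
    """Address-range check only: it cannot see that a VPN client is remote."""
    return Location.INSIDE if ip_address(n.source_ip) in HOME_NET else Location.OUTSIDE


def classify(n: Notice, method: int) -> Location:
    """Apply determination method (1), (2) or (3) from the description."""
    if method == 1:
        outside = n.notice_remote_flag
    elif method == 2:
        outside = n.issued_by_vpn_router
    elif method == 3:
        outside = n.devinfo_remote_flag
    else:
        raise ValueError("method must be 1, 2 or 3")
    return Location.OUTSIDE if outside else Location.INSIDE


def may_output(c: Content, where: Location) -> bool:
    """Inside: everything. Outside: only recorded content that accepts remote access."""
    if where is Location.INSIDE:
        return True
    return not c.being_received and c.remote_access_accepted


def content_list(library: List[Content], where: Location) -> List[str]:
    """Titles offered in the content information response (S2913/S2914)."""
    return [c.title for c in library if may_output(c, where)]


def accept_viewing_request(c: Content, where: Location,
                           current_remote: int, max_remote: int) -> bool:
    """S2916/S2917 gate: re-check the policy, then the simultaneous remote access limit."""
    if not may_output(c, where):
        return False
    if where is Location.OUTSIDE and current_remote >= max_remote:
        return False
    return True


# Constructed sample data: a terminal connected through the VPN router, and a small library.
TERMINAL_VIA_VPN = Notice("192.168.10.6", issued_by_vpn_router=True,
                          notice_remote_flag=True, devinfo_remote_flag=True)
LIBRARY = [
    Content("Live news", being_received=True, remote_access_accepted=True),
    Content("Recorded drama", being_received=False, remote_access_accepted=True),
    Content("Recorded film", being_received=False, remote_access_accepted=False),
]

if __name__ == "__main__":
    print("IP check says:", classify_by_ip(TERMINAL_VIA_VPN).value)
    for m in (1, 2, 3):
        where = classify(TERMINAL_VIA_VPN, m)
        print(f"method ({m}) says: {where.value}; list = {content_list(LIBRARY, where)}")
```

The viewing-request gate repeats the policy check instead of trusting the list that was sent earlier, so a request naming a title that was never offered is still rejected.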

Incidentally, the present invention is not limited to the embodiments described above but includes various modification examples. For example, the embodiments described above have been explained in details in order to explain to easy to understand the present invention, and are not necessarily limited to what includes all of configurations explained. A portion of a configuration of a certain embodiment can be replaced by a configuration of other embodiment, and further the configuration of the other embodiment can be added to the configuration of the certain embodiment. Portions of configurations of respective embodiments may be subjected to addition, deletion, or replacement of other configuration.

Portions or all of respective configurations, functions, processing units, processing means described above may be realized by a hardware by designing by, for example, an integrated circuit. Respective configurations or functions may be realized by software by interpreting and executing a program realizing the respective functions by a processor. Information of programs, tables, or files realizing the respective functions may be stored in a recording device of memory, hard disk, SSD (Solid State Drive), or record media of IC card, SD card, DVD.

Control lines and information lines which are conceived to be necessary for explanation are shown and all of control lines and information lines are not necessarily shown in view of a product. Actually, it may be considered that almost all of configurations are connected to each other.

LIST OF REFERENCE SIGNS

1 user residence 1, 2 going out destination 2, 3 internet, 4 other user residence, 5 content provision origin, 100 content transmission device, 200, 300, 400 content reception devices, 500, 600, 700, 800 content transmission and reception devices, 107 input processing unit, 108 device authentication processing unit, 109 device information management unit, 110 recording/reproducing processing unit, 111 recording unit, 112 encryption/decryption processing unit, 113 communication processing unit, 115 control unit, 202 wireless encryption/decryption processing unit, 203 wireless communication processing unit, 1091 timer, 1092 device information updating unit, 1093 device information storing unit, 5100 definition table, 5200 intra-residential device information table, 5300 extra-residential device information table, 1200 content using descriptor, 1300 digital copy control descriptor, 1400 digital content output control table, 1900 threshold information, 2100 packet monitoring table, 2300 connection management table, 2500 digital content recording control table, 60000 extra-residential access information table, 2600 VPN corresponding router, and 2701 VPN communication processing unit.

1. A content outputting device for outputting a content to an external device connected via a network, the content outputting device comprising: a receiving unit that receives the content; a recording unit that records the received content; an outputting unit that outputs the content to the external device via the network; a connection determining unit that determines whether the external device is present at an inside of a residence the same as an inside of a residence of the content transmission device; and a control unit that controls the receiving unit, the recording unit, and the outputting unit by a determination result of the connection determining unit, wherein the control unit prevents the received content from being outputted to the external device in a case where the external device is not present at the inside of the residence the same as the inside of the residence of the content transmission device, and enables the recorded content to be outputted to the external device.
2. The content transmission device according to claim 1, wherein the receiving unit receives the content including a piece of remote access restriction for restricting the content from being outputted from the content transmission device to other device which is not present at the inside of the same residence, wherein the control unit makes the recording unit record the content including the piece of remote access restriction information received at the receiving unit, wherein the control unit makes the connection determining unit determine whether the other device is present at the inside of the same residence in a case where the piece of remote access restriction information included in the content recorded at the recording unit does not accept a remote access, and wherein the control unit prevents the outputting unit from outputting the content to the other device in a case where the other device is not present at the inside of the same residence as a result of the determination.
3. The content transmission device according to claim 1, further comprising: a communication processing unit that exchanges various data or commands to and from the other device, wherein the control unit makes the outputting unit transmit a piece of content information which does not include a piece of information concerning the content which is being received by the receiving unit to the other device when the connection determining unit determines that the other device is not present at the inside of the same residence in a case where the communication processing unit receives a request for acquiring the content which is being received by the receiving unit and a piece of content information which is a list of the content which is being recorded or recorded to the recording unit from the other device.
4. The content transmission device according to claim 3, further comprising: a timer unit that measures a time period until an elapse of a prescribed time period after the recording unit has recorded the content, wherein the control unit makes the timer unit start measuring the prescribed period in a case where the recording unit starts recording the content received by the receiving unit, and wherein the control unit makes the outputting unit output the content to the other device in a case where the piece of remote access restriction information included in the content which is being recorded or recorded to the recording unit indicates that the remote access is accepted, the connection determining unit determines that the other device is not present at the inside of the same residence, and the time period measured by the timer unit elapses for the prescribed time period.
5. The content transmission device according to claim 4, wherein the control unit makes the outputting unit transmit the piece of content information which does not include the piece of information concerning the content at which the time period measured by the timer unit does not reach the prescribed time period in the content which is being recorded or recorded to the recording unit to the other device in a case where the communication processing unit receives the request for acquiring the piece of content information from the other device, and the connection determining unit determines that the other device is not present at the inside of the same residence.
 6. A content transmission method for transmitting a content to other device connected via a network, the content transmission method comprising: receiving the content from a content provision origin; recording the content; determining whether the other device is present at an inside of the same residence; controlling to prohibit the content which is receiving from the content provision origin from being outputted to the other device in a case where the other device is not present at the inside of the same residence as a result of the determination; and outputting the recorded content to the other device.
 7. The content transmission method according to claim 6, further comprising: receiving the content including a piece of remote access restriction information restricting the content from being outputted to the other device which is not present at the inside of the same residence; recording the content including the piece of remote access restriction information; determining whether the other device is present at the inside of the same residence in a case where the piece of remote access restriction information does not accept a remote access; and prohibiting the recorded content from being outputted to the other device in a case where the other device is not present at the inside of the same residence as a result of the determination.
 8. The content transmission method according to claim 6, wherein a piece of content information which does not include a piece of information concerning the content which is being received is transmitted to the other device when the other device is determined not to be present at the inside of the same residence in a case where a request for acquiring the content which is being received and a piece of content information which is a list of the content which is being recorded or recorded from the other device.
 9. The content transmission method according to claim 8, wherein a time period is started to be measured when the received content is started to be recorded, and the content is outputted to the other device in a case where the piece of remote access restriction information which is included in the content which is being recorded or recorded indicates that the remote access is accepted, the other device is determined not to be present at the inside of the same residence, and the measured time period exceeds a prescribed time period.
 10. The content transmission method according to claim 9, wherein the piece of content information which does not include the piece of information concerning the content in which the measured time period does not reach the prescribed time period in the content which is being recorded or recorded is transmitted to the other device when the other device is determined not to be present at the inside of the same residence in a case where a request for acquiring the piece of content information is received from the other device.
 11. A content reception device for receiving a content transmitted from a content transmission device connected via a network, the content reception device comprising: a receiving unit that receives the content from the content transmission device via the network; and a control unit that controls the receiving unit, wherein a piece of remote access restriction information is included in the content recorded to the content transmission device and transmitted to the content reception device, and the control unit enables the reception unit to receive the content in a case where the piece of remote access restriction information indicates that a remote access is not accepted, and the content reception device is determined to be present at an inside of a residence the same as an inside of the residence of the content transmission device by the content transmission device.
 12. A content reception method in a content reception device receiving a content transmitted from a content transmission device connected via a network, wherein a piece of remote access restriction information is included in the content recorded in the content transmission device and transmitted to the content reception device, and the content is enabled to be received in a case where the piece of remote access restriction information indicates that a remote access is not accepted, and the content reception device is determined to be present at an inside of the same residence by the content transmission device.
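The output and listing rules of method claims 6 to 10 can be read as one access-control policy. The sketch below is an added illustration, not part of the patent text: the `Content` type, the function names, the sample catalog and the treatment of the timer boundary are assumptions, and the in-residence determination is taken as a given boolean.

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass(frozen=True)
class Content:
    title: str
    state: str                      # "receiving" (live only), "recording" or "recorded"
    remote_access_accepted: bool    # remote access restriction information
    record_start: Optional[float]   # timer start in seconds; None if never recorded

def timer_elapsed(c: Content, now: float, prescribed: float) -> bool:
    # Assumption: reaching the prescribed period exactly counts as elapsed.
    return c.record_start is not None and now - c.record_start >= prescribed

def may_output(c: Content, in_residence: bool, now: float, prescribed: float) -> bool:
    """Decide whether the content itself may be sent to the other device."""
    if in_residence:
        return True                 # no restriction from this policy inside the residence
    if c.state == "receiving":
        return False                # claim 6: content being received is not output remotely
    if not c.remote_access_accepted:
        return False                # claim 7: restriction information refuses remote access
    return timer_elapsed(c, now, prescribed)  # claim 9: hold period must have passed

def content_list(catalog: List[Content], in_residence: bool,
                 now: float, prescribed: float) -> List[str]:
    """Build the content information (title list) returned to the other device."""
    if in_residence:
        return [c.title for c in catalog]
    # Claims 8 and 10 only drop live content and content still inside the hold
    # period; a title that refuses remote access stays listed but is not output.
    return [c.title for c in catalog
            if c.state != "receiving" and timer_elapsed(c, now, prescribed)]

# Constructed sample catalog (not from the patent).
CATALOG = [
    Content("live-news", "receiving", True, None),
    Content("drama", "recorded", True, 0.0),
    Content("movie", "recorded", False, 0.0),
    Content("sports", "recording", True, 9_000.0),
]
NOW, PRESCRIBED = 10_000.0, 3_600.0

def remote_view() -> dict:
    return {c.title: may_output(c, False, NOW, PRESCRIBED) for c in CATALOG}
```

Keeping the list filter and the output decision as separate functions makes the gap between them testable: the claims never remove a remote-refused title from the list, so the output check is the control that has to hold.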